Previously I discussed that *many* people had followed a link in an email that included a username and a real password (credentials) because they thought the sender had access to their account. I mentioned that our credentials have unfortunately been leaked in numerous breaches. I said that just because they have your credentials doesn’t mean they have access to your account… However, that only holds if you have changed your password!
Sadly, people don’t change their passwords even when a breach has been announced.
I was surprised and slightly appalled when I broached this subject with my brother and he hadn’t changed his password after a widely publicized breach. This particular breach had actually made it into mainstream media and I had talked to him about it…several years ago!!! Thankfully he hadn’t used that password for other accounts and quickly changed it so the person who had access to his account was locked out…. BUT still!
So, what should you do??
- Don’t click on links in emails, especially if it is marked as spam!
- Use a password manager to have complex passwords that are DIFFERENT for EACH account you have.
  - AgileBits’ 1Password
- Rotate your passwords regularly. (Most password managers do this too if you turn it on.)
Stay tuned to hear more tips, or find more here: Corporate Information Technologies blog
*This post contains affiliate links and CIT will be compensated if you make a purchase after clicking on the link.