It’s the holiday season… for everyone but Sony, at least. The tech/entertainment supergiant has been experiencing a ton of security issues lately. Last month, someone hacked into Sony’s databases and stole a lot of information (including unreleased movies, which were later released to the world). This December, it was revealed that Sony stored their passwords in a folder on their server titled “Passwords.”
Yes, passwords. Let that sink in for a moment. They could have at least changed it to something a little less conspicuous, like “New Jazz” or something. All of a sudden, it’s not surprising that someone was able to access their systems and steal a bunch of confidential data. Maybe their login username is “admin,” too. More data has been leaking over the past several days, including Social Security numbers, passport copies, and even more personal data from employees and actors involved with Sony. GOP (Guardians of Peace), the group responsible for the hacks, has established that any Sony employee who doesn’t want their information released should email them directly.
While actors Seth Rogen and James Franco have jested about the hacks on Saturday Night Live and social media, this hack is kind of a big deal. It’s safe to say that a high-profile hack of this nature could release plenty of information within due time, and threaten the business continuity of Sony. This is a perfect example of what can happen if you’re nonchalant with your network security. Someone could hack into your server, gain access to your “passwords” folder, and make off with tons of login credentials that could put your business on the chopping block.
However, when dealing with passwords, there are several best practices which you want to consider, all of which are meant to maximize the security of your accounts. Here are some tips to help you get the most out of your passwords and keep your sensitive information safe.
- Use a complex string of characters, numbers, and symbols. Rather than using simple words like “admin” or “password” for your login credentials, you should use multiple different characters. This includes filling it with numbers and other special symbols, too. The more complex the password, the more difficult it will be for a hacker to log in. For example, instead of using certain letters, you can replace them with numbers which look similar to them.
- Long passwords are better than short ones. As you can expect, using a password which is short and easy to remember isn’t optimal for security. As previously mentioned, you want a password that is difficult for a hacker to get a hold of. Hackers are able to plug in millions of characters at an incredible rate, so the password must be long in order to keep it convoluted and hidden.
- Don’t use words that exist. Words that exist are easy to remember and, likewise, easy to guess. Instead, you can make up a word that only you can recognize. This way, it’s unlikely that the hacker will guess it (or at the very least, force them to get creative with their hacks).
- Avoid easily-obtainable information. One way that people try to mask their password is by using their Social Security number or date of birth. Just because you think they’re secure doesn’t mean others can’t get their hands on them, too. Even worse, if someone were to keylog your password, and it’s your Social Security number or date of birth, that hacker is one step closer to stealing your identity.
- Use several different passwords. This should be obvious, but you shouldn’t use the same password for multiple accounts. If one password works for multiple accounts, the hacker only needs to crack the code once to get to all of your other accounts. You want your passwords to be as different as possible.
Password Management Solutions from Iron Edge
There’s one thing which all of these tips point toward: making your password difficult to guess, and therefore, practically impossible to remember. When you have so many complex passwords, it’s hard to remember which password goes where. This is where use of Iron Edge’s preferred password management solution can truly shine. All of your passwords are gathered in one location inside a secure application. The password manager then pulls the password whenever you need to access an account.
Granted, you could always just write down your passwords and put them all in one place, but then you’re doing the exact same thing that Sony did. If someone were to access the notebook or post-it note with your passwords written in it, you can say goodbye to your sensitive information. Whatever you do, do not label the list as a bunch of passwords.
For information on how to integrate a password management system into your technology strategy, give Iron Edge a call at 832-910-9222.