Try to imagine this situation: You’re sitting at home when suddenly you hear loud sirens and alarms blaring through your house. Your home security camera then alerts you that North Korea has launched a nuclear strike against the U.S. and that everyone in your area had three hours to evacuate.
Now imagine finding out that all of this was a hoax.
That is exactly what happened recently to Laura Lyons of Orinda, California. And this helps underscore a very important problem that is hitting both private individuals and businesses as more and more people are bringing smart devices into their homes and offices.
When Lyons was hacked in her home, it was her Nest Cam (a web camera) that was the culprit. But the hack didn’t actually come from Nest.
Instead, her password was obtained as part of another data breach which allowed the hackers to gain access to her devices that all used the same password.
This activity stresses four very important ways to avoid having your passwords used against you when they are stolen. These include:
Don’t keep the same password for everything
Many people use the same password for every single sign-in and profile they have. If this is the case, a hacker can steal your Twitter log-in (a fairly harmless bit of information), and then turn around and use the password to hack into your bank account.
You need a different login for each account. Furthermore, you should change these regularly.
While some experts suggest changing your passwords every quarter, at a minimum you should update them once or twice a year. And if you discover that your information has been compromised in a breach, you should change all of your passwords immediately, just to be safe.
Passwords also need to be secure
Never use something simple such as your birthday or anniversary or the names of pets or children as a password. Passwords need to be at least 8 characters (12-16 is much better) and a mixture of lowercase letters, capital letters, numbers, and special symbols such as ! or #.
You need to limit the number of sign-in attempts
Limit the times allowed to sign into your accounts in the event that a hacker is attempting a brute force attack. After 3-5 wrong guesses, your account should lock down and alert you that someone is trying to gain access to your account.
Use two factor authentication on your accounts
Finally, and this was the suggestion that Nest Cam gave to Ms. Lyons, you need to use two factor authentication on your accounts. This means that when you login using your correct credentials, the website will send you an authorization code to your cell phone or email to verify that it’s really you. Hackers may be able to get hold of your username and password, but it’s less likely (though certainly not impossible) they will crack your account with two factor authentication in place.
When you allow smart devices into your home or office, you are opening a window that hackers can enter. Be sure that you secure this entrance by practicing good password habits.
INSUREtrust is committed to your online safety. For more information on how to keep you and your business from being targets of a cyber-attack, sign up for our newsletter full of helpful tips and processes for staying cyber secure.