Thursday, February 2, 2017

Change Your Yahoo Passwords Now!

                According to this article by The Associated Press, over 1 Billion yahoo accounts were breached just about a month or so ago, and this was not the first time this has happened. There is no question that the overwhelming reason for this is the lack of strong passwords from Yahoo account users. While it is unfortunate that Yahoo cannot seem to figure out how to strengthen its security so that it is invulnerable to such hacking or breaching, they are not the only ones. In fact many other media companies have been breached in the past few years such as, LinkedIn and Facebook. Whether these media companies ever figure out how to be more secure or not, there is one thing that pretty much guarantees the users account to be safer, and that is making your password stronger.
                Yahoo has been pushing for all users to create a stronger password, which often consists of letter capitalization, symbols, and should be something that is unique or quite different from your name or username. They have been pushing for this by actually forcing many users who have weak passwords to change their passwords when they try to sign in now. This happened to me the other week. I had a weak password that was very similar to my last name, so when I tried to log into my email, it first redirected me to change my password first. When changing my password, I tried to change it to a password that I use for my Gmail and Facebook accounts so that I do not have to try and remember several different passwords at once. The interesting thing that I found was that Yahoo would not let me do this, saying that it needs to be something that I do not use for other accounts and not similar my previous password.
            The critique I have on this, is that now every time I try to log into my Yahoo mail, I cannot remember my password because it is quite complicated and different from all my others. I have to change my password essentially every time I want to see my Yahoo mail. The suggestion I would have for Yahoo, is for them to use multi factor authentication. I know that Bank of America uses this, along with many others. Essentially, it would require you to suggest an image or choose a question that they would ask you every time you try and log in. This would be effective because it would be another line of security in a sense, and no users should forget the answers to the questions. This would be a much more productive way to be more secure, while also not frustrating users with making them create complex passwords.


http://www.nbcnews.com/tech/security/huge-yahoo-hack-serves-reminder-change-your-password-n696296

1 comment:

Jacqui Schmidt said...

I thought this blog was relevant in today’s world because so many of us have social media accounts and because I think it is common that we all use the same password for all our accounts. Using one password, while convenient, can make you really vulnerable if one of those accounts were to be hacked.
When I googled the topic of social media accounts being hacked there were many articles that came up. One article caught my attention that touched upon this topic. The article, Why Social Media Sites Are The New Cyber Weapons Of Choice, claimed that social media hacks are being used to do “everything from social engineering to exploit distribution to counterfeit sales to brand impersonations, account takeovers, customer fraud, and much more.”
While I agree that making stronger and more diverse passwords is necessary I don’t think people will. I think that even the little work it would take, would be seen as an inconvenience, especially to the general audience of social media. I agree that having to remember a different password for each different site is an annoyance and I realized many people most likely have thought this before me. When I did a simple search I was right. There are many apps out right now about exactly this topic. The one app I looked up, that was highly rated, was called Last Pass. The app not only makes up random, and strong passwords, but they store them as well. The only password you need to recall is the one for the app.
Another way to perhaps decrease the number of hacks is if logins start to require touch IDs. Most people do use social media on their phones anyways which would solve the issue of it being inconvenient. For example, I use it to look at my banking statement or when I purchase something on the app store. Although, this does cause an issue of if the user does not have a touch screen device and they wish to login. Another issue is that while touch ID might be offered, entering login credentials manually would also still be an option. This might prompt more people to make stronger passwords, if the touch ID is offered, but because manual entry is still there, social media hacks could still happen. Perhaps in the future, if all technology has touch screen options, fingerprints will be the preventive to hacking.
Sources:
http://www.darkreading.com/attacks-breaches/why-social-media-sites-are-the-new-cyber-weapons-of-choice/a/d-id/1326802
https://itunes.apple.com/us/app/lastpass-password-manager/id324613447?mt=8