Call Us! 1800 505 767

HOT TOPIC #2 for 2023 - Passwords

"Using the same password for everything saves time!"
"Clicking 'save password' in our apps streamlines business!"
"...There's no risk with these conveniences, right?"

...Wrong!!!

Hackers rely on people's laziness. sharing passwords between apps means that gaining unauthorised to just ONE of your online accounts gives them access to all others with the common password. Unfortunately 91%* of people know that using the same password is a security risk - but still 66%* use the same password or with slight (easy to guess) variations.

Indeed, if a hacker can get access to your email, that platform can be used to recover all other passwords using "password recovery" features built into most websites even if your passwords are unique. Worried yet? You should be.

Below is an actual discussion with a small business that had their password hacked and how our Senior Business Technology Consultant, Brett Kitchin, responded.

Clayton: “I got an email this morning, and it was a scam, obviously, but they sent it to my email address that I use for work. And in the email, it contained my password. Actually told me what my password was. I'm a bit worried.”
Brett: "We all get spam email, all the time, threatening this and that. However if they've specifically quoted your password, you need to stand up and take attention. It means that your credentials have become leaked on the internet, somehow."

Clayton: “How could that have happened?”
Brett: "Well, perhaps you've got malware on your machine and it's leaking all kinds of information. Malware is a poisonous bit of software that after you've clicked on an ad, it's actually put something in memory and leaked information out. Or it could be that you've registered on a website for a newsletter or created a login with a seemingly legitimate source."

Clayton: “Yeah, I do register on websites all the time.”
Brett: >"Perhaps that password has been leaked accidentally by that website because they've become compromised. Or perhaps it's not as legitimate a website as you thought."

Clayton: “So what should I do?”
Brett: "The call to action here is: if they've quoted your password, stand up, take attention, and change that password, everywhere, immediately. However, don't change it from the machine that you've always been using because you might just be leaking the new one!Here are a couple of how-to's or safety tips:

-If you're going to change your password, change it to be something unique and do it from a machine that you're rarely using, that you know is safe.

- Alternatively, restart your computer into 'safe mode with networking'. You can Google on how to do that, or I can give you a hand. Safe mode with networking support pretty much ensures that you're not reloading any malware or any other software that could be causing this problem."

Clayton: “How do I avoid this in the future?”
Brett: "If you have the problem that a lot of people (staff) use that password quite a lot across the place, you’ve got to change that habit as it's bad practice. Next step is introducing a password protection system that is two-factor protected. Just an interesting statistic: the second that you implement two-factor protection, you will have a 99% reduction in account breaches. That's what Microsoft discovered. If you want to learn more about how we can help if your business passwords become compromised, contact the team at Accountable IT Group today."

- Brett Kitchin, Business Technology Consultant
 *Note:Statistics According to Lastpass (www.lastpass.com)