Yahoo Cyber Attack
-
Created: Wednesday, 28 September 2016 09:37
Yahoo is one of the latest organizations that has been a victim of a cyber attack. It appears that the impact of this attack has impacted Yahoo email users as well as Yahoo Fantasy Football users. This issue is important to note because millions of users passwords along with their challenge questions and answers were compromised. Many people reuse the same password to access everything from banking to email accounts. Couple this with the fact that people receive bank statements and other personal information into their email, makes this a recipe for disaster.
The fact that Yahoo has joined the ranks of Target, Home Depot, Sony, and even OPM, makes me believe that this issue of cyber attacks is never going away. There is probably more value in virtual data than there is in physical data, which increases the chances of this continuing to happen. There are ways people can reduce the damage done by cyber attacks, and many of them are very simple.
1 - Never reuse passwords. Just think that if someone got access to your password, how many accounts would they be able to access?
2 - Use passwords that are a minimum of 8 characters. By adding more characters, you increase the difficulty in guessing attempts. A 5 character password that does not include special characters, numbers, or upper case letters, has 1,490,116,119,384,765,625 possibilities. If you consider the fact that guessing attempts, also known as brute force attacks, are done by computers that are capable if solving this in a matter of hours. Utilizing at least 8 characters and including special characters, numbers, lower and upper case letters greatly increases the difficulty.
3 - If at all possible, never use challenge questions reveal personal information. Use questions like favorite color and not mothers maiden name.
4 - If at all possible, utilize 2-factor authentication.
If you are unfamiliar with 2-factor authentication, check out an older post about Google's passwords being leaked. In that post I, go over 2-factor in better detail.
