Sony, Amazon, Google, Lockheed Martin, Michaels, and many other companies reported cyber attacks within the last month. However, these attacks may have even far reaching security threats to other companies and individual accounts than you might realize. Majority of internet users have the exact same User Name and Password for multiple accounts. So if you fall into this category, all your other accounts have been made vulnerable.
The best way to protect your accounts is to follow these standard security procedures:
- Every account has its own unique password. Do not fall into the trap of using one or two favored passwords across all accounts.
- Every password must follow strong password guidelines. Consider doing a Google search using the keywords “random password generator to find a free utility that can create unique passwords for you. http://www.thebitmill.com/tools/password.html
- Every password needs to be changed periodically.
- Never write down passwords or have unsecured files with all your passwords listed.
While these are great procedures, they all omit a key item: how is the user suppose to manage and remember all their accounts’ logons? That is where a secure password manager token is required. Storing passwords in the browser, on a memory stick or in an unsecured smartphone is not secure. Even with a secure token, if you have to manually type in the passwords that can greatly decrease security because of keylogger malware. Some of the key features you need to look for are:
- Limited number of false attempts to access password accounts before they are locked.
- Auto fill and submission of passwords.
- Passwords are stored in a token that virus cannot attack
- Access to log into an account is very easy and convenient for the user
What you will be looking for is a smartcard based password manager like Power LogOn.