We have recently been alarmed by the fact that Russian hackers were able to access 6.5 million user passwords from the Social Media sites LinkedIn and eHarmony. The problem was caused by the apparent fact that LinkedIn was using outmoded cryptographic methods that failed to effectively secure this sensitive data. The result was that LinkedIn supposedly emailed people who they believed had had their passwords breached. I appear to have been one of the “lucky people” not to have received an email from LinkedIn. The truth is how do we confirm that the emails were actually sent from LinkedIn as this is one method used by hackers to obtain further information from you in order to access information such as your bank details.
The question is how do you confirm that your password has not been breached? LinkedIn has requested that anyone with a LinkedIn account should change their password just to be safe. As a result, hopefully most people are now in the process of changing all of their passwords.
Phishing attacks can contain links that, when clicked on, install malware on your computer, which is why it is advisable to never click on links in emails to change or verify your accounts at any site. LinkedIn in itself is not the target of the people behind the attacks but in what the LinkedIn password list can lead to for their benefit.
” LinkedIn has since put a new form of security in place that includes techniques called “hashing” and “salting,” which sound like something from a Food Network show but are actually ways to add additional information to a password to make it far more difficult to decode. This is good news for those anticipating a future relationship with LinkedIn, but the company’s security gaffe leaves some existing users in an uncomfortable position. For the LinkedIn password is just the tip of the iceberg when it comes to the way many people manage their online identities.” (Source: Paul A. Gilster)
One of the issues with having many user names and passwords is remembering what they all are. It is easy to have the same password for every community and or site that we belong to. Remembering multiple user names and passwords is one thing. If you are unable to do so, where can you keep them without hackers being able to access them?
SentryBay have a secure solution called E-Wallet and this allows you to safely save user names and passwords along with bank details and any other personal information that you care to save. e-wallet is password protecting and can run on your desktop or on a USB key. e-wallet has an added feature in that you can encrypt and decrypt data in the same secure environment.