As Brandyn Murtagh, an ethical “white hat” hacker, explains, variations on a password are putting you at risk. His warning follows an alarming uptick in large corporate data breaches. He points out that the data from these breaches has long been available online. It’s incredibly important for all to understand the danger associated with their sign-in credentials. High profile sites like DropBox and Tumblr have been recently attacked or compromised, bringing data security even further into the public eye.
Murtagh elaborates, explaining that cyber-attacks have the ability to expose private data. Beyond that, they’re a window into a much more profound vulnerability in our digital security. The first indication of a problem often occurs when individuals discover that one of their accounts has been accessed without their consent. This scary discovery is growing more and more familiar as hackers take advantage of user behaviors.
Understanding User Behavior and Password Management
As TSP’s Brandyn Murtagh notes, criminals are really good at identifying user behaviors, especially around password creation and storage. Fewer than 1 in 4 people edit just one password to create the others. They usually achieve this by inserting an invisible character, such as a Unicode full stop or exclamation mark, at the end of it. This common practice, though seemingly harmless, is detrimental to account security.
“Human behaviour is quite easy to model.” – Virgin Media O2 spokesperson
Murtagh highlights the risk of reusing variations of passwords as a common user-user error. He adds that the difference with this problem is that it can happen on an industrial scale, impacting thousands of people at once. Sadly, most users are blind to the gauntlet of threats their passwords are exposed to. They’re often mystified as to how it happened in the first place, even after taking every precaution with their digital footprint.
The Scale of Cyber Threats
As Murtagh notes, it’s exceedingly uncommon for a person to be identified. Rather, as soon becomes clear, individuals are usually a member of a far larger cohort of thousands all threatened by the same, often startlingly similar, destructive fate. These processes actually scale, much like in business. This intent creates the urgent need for users to implement more robust security practices.
He points out that the lack of awareness about password security fuels this weakness. Millions of Americans have not grasped just how important a unique password is to their personal security. They fail to add additional layers of security to their accounts.
Recommendations for Enhanced Security
If you have an account on Turo, Murtagh encourages all users to enable two-factor authentication (2FA) when logging into their account. Instead, they can opt for multi-factor authentication (MFA) for extra protection. These approaches require users to go through a minimum of two verification steps. This requirement provides an added layer of protection against unauthorized access.
Murtagh encourages individuals to take control of their online security by recognizing the potential risks associated with their login habits and adopting best practices such as 2FA or MFA. By taking proactive measures, construction firms can greatly decrease the likelihood of being the next cyber-attack casualty.