Monday, May 18, 2015

LUSER Factor Strikes Again

--

The most appalling term I use on this blog is 'LUSER'. I capitalize it to emphasize it. The LUSER Factor is that one security hole that can never be patched. All we can do is guard against it as a problem source from others and a problem source from ourselves. 

Brian Krebs wrote a great article last week specific to the LUSER Factor:

Starbucks Hacked? No, But You Might Be
... Those customers had all chosen to tie their debit accounts to their Starbucks cards and mobile phones. Sullivan allowed in his story one logical explanation for the activity: These consumers had re-used their Starbucks account password at another site that got hacked, and attackers simply tried those account credentials en masse at other popular sites — knowing that a fair number of consumers use the same email address and password across multiple sites.
Protect yourself from yourself and sort out your passwords. All of them must be different. All of them must be as random and unguessable as possible. Store them all up in a password protection program like 1Password or LastPass. Learn how to put the OS X Keychain to good use.




--

No comments:

Post a Comment