If we learned something useful from the recent hacks or leaks from various web portals, e.g. the dating site Ashley Madison, it’s the simple, but alarming fact, that the human factor continues to fail.
While big players like Google, Apple and Hotmail maintain a relatively high level of security (and even in this case, there’s no such thing as an “impenetrable fortress”, as we could observe when the Apple iCloud hackwent down, releasing hundreds of photos of celebrities), other websites use simple or even no advanced forms of securing the data of their visitors and users.
Ebay, Amazon, Apple App Store/Google Play Store – these are just a handful of websites or apps that – when left unattended – can cause your bank accounts to give up some serious money, if your smartphone or tablet happens to fall into the hands of another person. In the case of websites that fall into the social and/or dating category, the consequences can be unpleasant for private lives.
What is more, web admins also don’t do everything in their power, to secure their data, that’s why we recommend to be cautious of the following basic pointers, which can alert you to a not so secure website:
- the page doesn’t use the secure HTTPS protocol
- a simple password suffices for a registration, without special characters or numbers, or even without a minimal password length
- login credentials or a new password after reset, are sent as plain-text via mail
On the other hand, we have the users themselves. A lot of them show genuine concern when it comes to the security of their data, yet few behave according to basic security principles. Unfortunately, in most cases when we somehow fail, not being informed enough or just being plain lazy, is the main cause.
Simple passwords, passwords scribbled on pieces of paper and left on one’s desk and so on. One major factor must be addressed with special attention – users staying logged in their various accounts, on their devices, even after they leave them laying around somewhere. How we can use this protection in real life?
SaferPass is the only password manager which offers the Secure Me function. You can use Secure Me, to securely log you out on a different device where the SaferPass Chrome extension is installed. No more worries that someone else will check your emails, Facebook, Dropbox or private messages on computer where you forgot to log out. SaferPass will log you out remotely, and also clear the browser history.
We are not talking just about a desktop computer, which hopefully – in your absence – is at least, user-locked, the issue here are smartphones and tablets, which more than often don’t even have the basic 4-digit passcode lock. These devices can then be easily left unlocked, with accounts still logged into various web pages in the mobile browsers. More than 30% of all users continue to behave like this. Even if the most “sensitive” data, is spared from this phenomenon by being part of internet banking applications (which have an automatic logout function), other information can be misused with significant damage.
Look for websites, which have strict requirements concerning the complexity of your password (they know why they are doing this). Websites that immediately send notifications, when a password is reset or someone logs into an account from a new device. Think about your mobile devices, about where you put them down and if you really don’t want to spare the few extra seconds needed to log out of all the important accounts on them. The more difficult a target you become, the higher the chance of you avoiding a potential attack altogether.