12 Password Mistakes That Hackers Hope You’ll Make
Passwords are supposed to keep us safe, but they can be an open door for hackers to attack our finances and identity. Here’s how you can protect yourself.
Common mistakes, big problems
Posteriori/Getty Images
Password hacking is in the news with alarming regularity. Recently, thousands of Disney+ customers lost their accounts in a mass hack attack within days of the new streaming service’s launch. As reported by The Market Realist, those hacked accounts were then sold on the dark web. While large-scale attacks like this can make consumers feel helpless, there are steps we can all take to protect our passwords and our data. Some of them are common sense (don’t use the same password for every site!), and some aren’t quite as obvious. Read on to learn the most common password mistakes that hackers hope you’ll make. And while brushing up on your cybersecurity knowledge, make sure you know what happens when you ignore those security warnings on your computer.
Choosing an easy-to-guess password
PeopleImages/Getty Images
“Common mistakes people make with passwords make them easily hackable. Those mistakes include using easy passwords like birthdays, creating common passwords like 1234, using brand names, pop-culture references, or sports to create a password.” —Elias Manolopoulos, founder of Aeon Ads. You’ll want to change your settings immediately if you use any of these 25 passwords.
How to Avoid the Most Common Mistakes Leaders Make
This may come as a surprise, but in my experience, the mistakes made by first-time managers and those repeatedly made by experienced executives often have a great deal in common. Here are some of the dominant management and leadership failures commonly observed at all organizational levels - across business, government, and the military. General Chuck Jacoby and I describe many of them in our new book Agility: How to Navigate the Unknown and Seize Opportunity in a World of Disruption.
Few things are more detrimental to the morale, culture, and long-term success of any organization than the leaders' failure to live up to the organization's values they proclaim to embrace. This is precisely what happened at an investment company we knew well. This firm was founded on the premise that complex forces have created persistent market inefficiencies that could be exploited. This was entirely inconsistent with the magnitude and nature of the losses that followed. When asked by the board of directors to analyze the firm's downfall, we expected to hear complex financial and economic explanations, such as market paradigm shifts or the emergence of disruptive players and products. Instead, it was the failure of leadership that became a dominant theme.
After the supposed market inefficiencies proved fleeting (not a surprise for the students of efficient markets), senior executives failed to adjust and put forth a viable strategic vision. Excessive and unfamiliar risks were taken in pursuit of growth and investment returns. Caution expressed by subordinates was treated as disloyalty and dismissed. Moreover, the priority of senior executives to benefit themselves at the expense of other stakeholders had a profoundly toxic impact on the organization, leading to other destructive behaviors.
In addition to the lack of strategic vision, moral failures, and the suppression of dissent, there are a variety of other destructive management behaviors incompatible with agility. Chief among them is micromanagement. Delegating authority requires confidence in people and tolerance for honest mistakes and failures. When leaders become overly risk-averse in the face of uncertainty, they often excessively centralize decision-making and execution authority, which deprives organizations of agility and decimates engagement and trust. This phenomenon can be exacerbated by advances in surveillance and communication technology that may create an illusion that the fog of battle can be effectively penetrated from the comfort of an executive office.
When executives deliberately undermine trust, refuse to take responsibility, or practice fear-based or transactional management styles, the long-term damage to the firm's culture, exploratory thinking, cohesion, and agility is profound. In a well-known case in point, F. Ross Johnson, the chief executive of RJR Nabisco vividly portrayed in Barbarians at the Gate, used to openly boast how he deliberately withheld information and kept employees off balance by unexpectedly buying and selling businesses and changing organizational structures.
In another example, a toxic culture at a well-known international firm proved incompatible with agility. From its inception, the firm's senior executives designed processes and systems that reduced the firm's dependency on specific individuals, with the express intent to make most employees easily replaceable. The firm remained committed to this philosophy through many years of skillful execution and exploitation of market opportunities. By all metrics of financial performance, growth and prominence, this firm has been unequivocally successful. However, the culture of stress and distrust has manifested itself in one important respect: most of the firm's forays into products and services that require original thinking, ingenuity and specialized talents have been largely unsuccessful. To this day, the company "thrives" only in the realm of commoditized activities performed by replaceable and disengaged employees.
In addition to the intensifying technological change and uncertainty, our organizations operate in a very tough societal environment. The disregard for evidence, expertise and accountability is palpable. What may seem to be just basic common sense regarding the ethics of truthfulness has been under assault. The breakdown of trust permeates key social contracts, undermining faith in institutions fundamental to our values. Our privacy and trust have become commodities to be bought and sold.
All of this presents an invaluable leadership opportunity for managers and executives - across public and private sector organizations, big and small. If we lead by example, show unwavering commitment to the pursuit of truth, and nurture a culture of accountability and trust, we'll end up creating purposeful and cohesive teams and organizations where engagement, initiative, creativity, and smart risk taking lead to remarkable outcomes.
This question originally appeared on Quora - the place to gain and share knowledge, empowering people to learn from others and better understand the world. You can follow Quora on Twitter and Facebook. More questions:
Published on: Jan 15, 2020
Indoor camera apps: How to stay safe from hackers
Please enable Javascript to watch this video
In-home camera apps have become popular over the past few years. People use them to check on their kids or pets during the day. After seeing several stories of people hacking into them, FOX43 wanted to find out how easy it is to do, and what you can do to protect yourself.
It's creepy. It's weird. A stranger accesses an-in home security system in Mississippi, talking to an 8-year-old girl and making odd noises.
"Yeah, it's a little cringy," Emily Mumma of York, said.
Mumma doesn't know this girl, or have any kids. But she does have an in-home camera app.
"It started off as more of a curiosity," Mumma said. "Like, 'what do our pets do when we're not here'?"
The evidence shows nothing but some curious kittens, and a dog who probably misses his mom. Of course, Mumma also bought the camera for added security at her home. But these viral videos of hackers are anything but a sense of security.
"Super creepy," Mumma said. "Super creepy. I think if I did have children, I would probably - either get rid of them or go to something much more sophisticated so I could trust the safety of it."
But how do you trust the safety of it? Security expert and president of security consulting firm, INA, headquartered in Harrisburg, John Sancenito, sheds some light.
"People don't always understand that with the internet of things," Sancenito said. "When they connect wireless devices they open up opportunities for hackers to hack into those devices. And sometimes people put those in sensitive areas like bedrooms and other areas to keep an eye on their kids, I think, without really thinking through the potential downfall of doing that. And how that can be compromised."
John said when things like this happen, it's usually human error. Not a problem with the hardware itself.
"Most people purchase these devices," Sancenito said. "They put them in places they shouldn't and they also do not set them up properly with the proper safe guards to protect them from being hacked. I think if you're going to accept these types of devices around your home, I think you need to take the extra steps to secure them properly."
The first, he said, is make sure you buy a product that supports two-part authentication.
"Two-part authentication usually means that when you initiate a change on your account, they will then send you a text message or an email that you have to respond to to verify and authorize the change," Sancenito said.
Some devices aren't defaulted to this, so you'll want to look at your settings to see if it's an option.
"Just because something is - you can take it out of a box and plug it in, and immediately it starts working and connecting to your home network, doesn't mean that it's necessarily safe," Sancenito said.
The second thing that most people do -
"People use the same password for everything," Sancenito said. "So that when one of those things get hacked or gets compromised, then the same password can be used in different ways."
And change your passwords frequently.
"And make sure that you're using passwords that are not easy to figure out," Sancenito said. "One of the common things that people make mistakes on is they use dates of birth, other things, things people can mine from social media and social engineer in order to figure out what your password might be."
He says make it unique with at least one upper case letter, one number, and one special character.
Also, be contentious about what you're buying - does it come from a reputable seller? And, make sure all of your software is up to date, along with a strong password.
"And certainly there's always a possibility that the bad guys are going to hack into systems, find vulnerabilities and exploit them," Sancenito said.
And for those guys, or girls, who do get caught, they have to answer to people like Fran Chardo - District Attorney of Dauphin County.
"It's a nightmare for any family that this occurred," Chardo said. "Here in Pennsylvania, we would obviously prosecute if we could identify the person that tapped into this system. And they'd be facing very serious felony charges."
Depending on the circumstances, it could be a violation of the Wire Tap Act, or an Invasion of Privacy.
"That requires that the person photographed, video taped, or view a person without their knowledge in the state of full or partial nudity," Chardo said. "That's Invasion of Privacy."
In the case of this video from Mississippi, Chardo said the hacker didn't appear to be gathering sensitive information. That fact that his intentions aren't known makes it all the more frightening.
"Ya know, most people don't think they are ever going to be a victim of a crime," Chardo said. "And fortunately I think most people are good, and don't actually target other people but it can happen to anybody."
As for Mumma, she said she'll have no problems getting rid of her cameras should something like this ever happen, though, she hopes she doesn't have to.
"I think in today's world where the world of the internet is a very intricate place and there's people with a lot of knowledge and ability, any of our devices aren't necessarily as safe as we think they are," Mumma said.
Sancenito said if you do want to install a camera in your child's room, perhaps use a hardwired camera and put it on a different network than your other devices, or even look into getting a firewall. He also said go with your gut. If the device is cheap and you don't have a lot of confidence in it, don't put it in a sensitive area. Sometimes, we get what we pay for.
No comments:
Post a Comment