For now, users concerned about leaked passwords and other sensitive information are urged to take a few actions, as advised by CyberNews.
- Use a reputable data leak checker where you can enter your email address to find out if your account may have been caught in a breach. Sites worth trying include Have I Been Pwned, Firefox Monitor, and Avast Hack Check.
- If you know or even suspect that one of your accounts was caught in a data breach, change your password immediately.
- Consider using a password manager to create, store and apply strong and secure passwords for your online accounts.
- Enable multi-factor authentication on any accounts where this method is offered.
- Look out for an increase in spam and phishing emails through which attackers try to use your leaked email address to scam you.
And though passwords continue to seem like a necessary evil, other more secure authentication methods are available, especially for organizations.
“Companies and users need to treat these developments as a wake-up call to end their overblown reliance on passwords,” said Veridium’s chief revenue officer, Rajiv Pimplaskar. “Passwordless authentication methods such as phone as a token and/or FIDO2 (Fast Identity Online) security keys are now commonly available. Such solutions create an un-phishable connection between the user and the IT system and eliminate the need for a password, thereby reducing the attack surface and making the environment more resilient against cyberattacks.”
Contact OFM for strategies to help secure your environment.
Read the full original article here.