Yahoo gives away passwords

July 16, 2012

How to, Technology, Virus Alert

In a company statement Yahoo! stated, “At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products.”

If that is the case then Yahoo! should explain why it stored users ID and passwords with encryption and allowed 400,000 user accounts to be stolen and why these passwords were in the open and not behind a firewall.

As a past CEO and CIO, I am extremely dumbfounded. Companies have security policies that must be followed and normally practice these procedures several times per day. Most companies now have a CSO (Chief Security Officer) and security team in place to ensure this type of blunder is avoided.

User account and data should always be encrypted and stored behind a firewall. Protecting user account information is always one of the top three on any security list. How could a company the side and stature of Yahoo! become victim to such a moronic move? Yahoo! fatally failed!

Yahoo! downplayed the incident by claiming the leaked data was part of Yahoo! Voice services and less than five percent of the data was affected.

As we learn more about this blatant security breach, now is a good time for you to change your passwords. You – as a user have a responsibility to protect your data as best as you can. This is normally done by ensure your passwords are strong enough to stand up against hackers.

The top ten passwords and ones you should avoid are:

  1. 123456
  2. password
  3. welcome
  4. ninja
  5. abc123
  6. 123456789
  7. 12345678
  8. sunshine
  9. princes
  10. qwerty

Password security do’s and dont’s

Do’s

Use a password if you share a computer with other users. If you don’t you are risking other people having access to your personal information, deleting files or even using your account to pretend to be you online.

Have different passwords for different things – don’t use the same password for every application or service.

Dont’s

Write your password down – if you can try to memorize it. If you can’t remember your password and do have to write it down, try to disguise it, leaving it in a secure place.

Don’t choose an obvious password – e.g. your name, or a family member’s or pet’s name, your date of birth, telephone number, the current month or ‘password’. It’s very easy for someone to guess all of these.

Keep the same passwords – change them every once in a while and don’t re-use a password for at least a year.

If you would like, we provide a Free Technical Assessment, this can be beneficial to new and startup companies that are not sure where to start. You can always find our cloud and hosted services in the right column of this page or by simply going to our website at Raven Cloud Computing.

, , , , , , , , , , ,

About Barry Bestpitch

Barry Bestpitch has helped a wide range of businesses launch, re-brand, and flourish. Barry has worked in various business development , marketing positions and executive staff positions, he is experienced in all media and in small and large scale marketing. He is strong at writing business plans and proposals as well as aiding with your funding search. Barry has acted as a coach and mentor to many business owners and executives.

View all posts by Barry Bestpitch

Subscribe

Subscribe to our RSS feed and social profiles to receive updates.

One Comment on “Yahoo gives away passwords”

  1. URL Says:

    Can I basically say exactly what a relief to get someone who in fact knows what they’re dealing with on the internet. You in fact know how to bring a difficulty to light and make it critical.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: