Welcome!

API Journal Authors: Pat Romanski, Liz McMillan, Elizabeth White, Kevin Benedict, Anders Wallgren

News Feed Item

F-Secure Shares How to Avoid Changing All Your Passwords Every Time There's an Online Attack

Security Experts' Dirty Little Secret: They Don't Change Their Passwords Very Often, Because They Don't Need To...

SAN JOSE, CA -- (Marketwired) -- 08/19/14 -- Did you know 1.2 billion passwords were reportedly stolen by Russian hackers? Before that it was Heartbleed. After a widespread, nonspecific data breach, the conventional wisdom is that people should change all their passwords. But according to F-Secure Labs, there's a better way. With the right password management habits, you won't need to change all your passwords every time you hear about an online attack.

"Changing all one's passwords won't hurt, but it is cumbersome. Not only that, it's a Band-Aid fix that stops short of offering a stronger and more long-term solution," said Sean Sullivan, security advisor at F-Secure Labs. "Data breaches are the new reality, and it's no longer a question of if it happens to you, but when." Sullivan says rather than being told to change all their passwords, consumers need practical advice worth following. So when the next breach is disclosed, they will be in control and will only need to change those passwords they know are affected.

"The dirty little secret of security experts is that when there's a data breach and they recommend to 'change all your passwords,' even they don't follow their own advice, because they don't need to," continued Sullivan. "Unless I find out about a breach with a specific account, I don't worry about my passwords. That's because I use a tool to remember my passwords for me, and a few simple techniques that help to manage my accounts so as to minimize the risk."

So what are the successful strategies to avoid the hassle of changing passwords constantly? Sullivan points out a few key things:

Diversify to reduce your risk. Segregate your accounts by creating separate email addresses for different functions. For example personal, professional, financial. That way if one email is broken into, it won't compromise all your other information too. "Why not have a separate email address for your financial accounts? Then don't give that address to anyone but those financial institutions," Sullivan shares. A bonus: if you get banking-related email in your personal account, you'll know immediately that it's not legit.

When possible, use a different username than your email. Some services let you pick a unique username other than your email. When possible, it's good to take this option as it's that much more info a hacker needs to know. And use two-factor authentication when available.

Use a unique password for each online account. Using the same password to access different accounts is rolling out a red carpet for hackers. If a password for your Facebook account is stolen, criminals can hop over to your email and other accounts and try the same password there.

Don't give online accounts any more data than is absolutely necessary. The less that is there to be compromised, the better.

If you are notified about a breach to a specific account, change that password. This goes without saying.

Changing your account password habits may take a little effort, but in the long run it's easier and less stressful than having to change all passwords after news of every breach. And it's worth it to keep your personal data and online identity safe. Sullivan suggests starting small, taking care of one account at a time and building up until all your passwords are handled.

"This is the post-PC issue people need to worry about because all their accounts are in the cloud," states Sullivan. "There are two types of people in the world: Those that manage their accounts well, and those who are going to be in a world of trouble. Which group do you want to be in?"

It's easy with the right tools

Then how does one remember so many unique passwords and log-ins, and manage them effectively? F-Secure's password manager, F-Secure KEY, makes sure proper password management is as easy and painless as possible. With F-Secure KEY, there's just one master password to remember, so it's easy to have a unique password for each account. Usernames, passwords, PIN codes, and other important data are stored in one secure app.

F-Secure KEY now has a completely updated and refreshed mobile version. The new mobile user interface features a Favorites ring that makes it easy and fast to access all one's most commonly used account credentials. All versions of F-Secure KEY help you generate unique, strong passwords. KEY includes a news feed from F-Secure Labs, so you can stay up-to-date on major hacking incidents. Strong encryption protects all your data.

F-Secure KEY is free to download and use on any device -- Android, iOS, Windows, and Mac. To use Key with the same master password on an unlimited number of devices and sync passwords across devices via a secure European cloud, upgrade to the premium version, starting from $1.84 per month. F-Secure KEY is available via the Apple App Store, Google Play, and at f-secure.com/key.

Get the app!

More information
Infographic: Dealing with Passwords
Safe & Savvy: 1.2 Billion Passwords Stolen, But Does it Affect Me?

F-Secure -- Switch on freedom

F-Secure is an online security and privacy company from Finland. We offer millions of people around the globe the power to surf invisibly and store and share stuff, safe from online threats. We are here to fight for digital freedom. Join the movement and switch on freedom.

Founded in 1988, F-Secure is listed on NASDAQ OMX Helsinki Ltd.

f-secure.com | twitter.com/fsecure | facebook.com/f-secure

Media Contact:
Mark Karayan
LEWIS PR for F-Secure
415.432.2400

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@ThingsExpo Stories
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
"delaPlex is a software development company. We do team-based outsourcing development," explained Mark Rivers, COO and Co-founder of delaPlex Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
"We work in the area of Big Data analytics and Big Data analytics is a very crowded space - you have Hadoop, ETL, warehousing, visualization and there's a lot of effort trying to get these tools to talk to each other," explained Mukund Deshpande, head of the Analytics practice at Accelerite, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Cloud Expo, Inc. has announced today that Andi Mann returns to 'DevOps at Cloud Expo 2016' as Conference Chair The @DevOpsSummit at Cloud Expo will take place on November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. "DevOps is set to be one of the most profound disruptions to hit IT in decades," said Andi Mann. "It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited t...
IoT offers a value of almost $4 trillion to the manufacturing industry through platforms that can improve margins, optimize operations & drive high performance work teams. By using IoT technologies as a foundation, manufacturing customers are integrating worker safety with manufacturing systems, driving deep collaboration and utilizing analytics to exponentially increased per-unit margins. However, as Benoit Lheureux, the VP for Research at Gartner points out, “IoT project implementers often ...
The cloud promises new levels of agility and cost-savings for Big Data, data warehousing and analytics. But it’s challenging to understand all the options – from IaaS and PaaS to newer services like HaaS (Hadoop as a Service) and BDaaS (Big Data as a Service). In her session at @BigDataExpo at @ThingsExpo, Hannah Smalltree, a director at Cazena, provided an educational overview of emerging “as-a-service” options for Big Data in the cloud. This is critical background for IT and data profession...
Machine Learning helps make complex systems more efficient. By applying advanced Machine Learning techniques such as Cognitive Fingerprinting, wind project operators can utilize these tools to learn from collected data, detect regular patterns, and optimize their own operations. In his session at 18th Cloud Expo, Stuart Gillen, Director of Business Development at SparkCognition, discussed how research has demonstrated the value of Machine Learning in delivering next generation analytics to imp...
Whether your IoT service is connecting cars, homes, appliances, wearable, cameras or other devices, one question hangs in the balance – how do you actually make money from this service? The ability to turn your IoT service into profit requires the ability to create a monetization strategy that is flexible, scalable and working for you in real-time. It must be a transparent, smoothly implemented strategy that all stakeholders – from customers to the board – will be able to understand and comprehe...
When people aren’t talking about VMs and containers, they’re talking about serverless architecture. Serverless is about no maintenance. It means you are not worried about low-level infrastructural and operational details. An event-driven serverless platform is a great use case for IoT. In his session at @ThingsExpo, Animesh Singh, an STSM and Lead for IBM Cloud Platform and Infrastructure, will detail how to build a distributed serverless, polyglot, microservices framework using open source tec...
Connected devices and the industrial internet are growing exponentially every year with Cisco expecting 50 billion devices to be in operation by 2020. In this period of growth, location-based insights are becoming invaluable to many businesses as they adopt new connected technologies. Knowing when and where these devices connect from is critical for a number of scenarios in supply chain management, disaster management, emergency response, M2M, location marketing and more. In his session at @Th...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
IoT is rapidly changing the way enterprises are using data to improve business decision-making. In order to derive business value, organizations must unlock insights from the data gathered and then act on these. In their session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, and Peter Shashkin, Head of Development Department at EastBanc Technologies, discussed how one organization leveraged IoT, cloud technology and data analysis to improve customer experiences and effi...
Basho Technologies has announced the latest release of Basho Riak TS, version 1.3. Riak TS is an enterprise-grade NoSQL database optimized for Internet of Things (IoT). The open source version enables developers to download the software for free and use it in production as well as make contributions to the code and develop applications around Riak TS. Enhancements to Riak TS make it quick, easy and cost-effective to spin up an instance to test new ideas and build IoT applications. In addition to...
The idea of comparing data in motion (at the sensor level) to data at rest (in a Big Data server warehouse) with predictive analytics in the cloud is very appealing to the industrial IoT sector. The problem Big Data vendors have, however, is access to that data in motion at the sensor location. In his session at @ThingsExpo, Scott Allen, CMO of FreeWave, discussed how as IoT is increasingly adopted by industrial markets, there is going to be an increased demand for sensor data from the outermos...
CenturyLink has announced that application server solutions from GENBAND are now available as part of CenturyLink’s Networx contracts. The General Services Administration (GSA)’s Networx program includes the largest telecommunications contract vehicles ever awarded by the federal government. CenturyLink recently secured an extension through spring 2020 of its offerings available to federal government agencies via GSA’s Networx Universal and Enterprise contracts. GENBAND’s EXPERiUS™ Application...
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
Presidio has received the 2015 EMC Partner Services Quality Award from EMC Corporation for achieving outstanding service excellence and customer satisfaction as measured by the EMC Partner Services Quality (PSQ) program. Presidio was also honored as the 2015 EMC Americas Marketing Excellence Partner of the Year and 2015 Mid-Market East Partner of the Year. The EMC PSQ program is a project-specific survey program designed for partners with Service Partner designations to solicit customer feedbac...
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discussed how businesses can gain an edge over competitors by empowering consumers to take control through IoT. He cited examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He also highlighted how IoT can revitalize and restore outdated business models, making them profitable ...
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Bradley Holt, Developer Advocate a...
SYS-CON Events has announced today that Roger Strukhoff has been named conference chair of Cloud Expo and @ThingsExpo 2016 Silicon Valley. The 19th Cloud Expo and 6th @ThingsExpo will take place on November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. "The Internet of Things brings trillions of dollars of opportunity to developers and enterprise IT, no matter how you measure it," stated Roger Strukhoff. "More importantly, it leverages the power of devices and the Interne...