<img src="https://secure.seem3pick.com/198073.png" style="display:none;">

Enhancing Password Security in Light of Data Breaches

Posted by Philip Tang on Fri, Mar 27, 2015
Philip Tang


Severe data breaches suffered by Sony, Anthem and other companies over the last year further solidify the importance of data security.

Large companies continue to endure targeted attacks.  Earlier this week, Twitch.tv publicly announced they had fallen victim to a data breach that possibly endangered users' personal account information.

So what makes this breach a big deal?  If you haven't heard of Twitch before, here's what they're about: "Twitch is the largest live video platform and community for gamers with more than 100 million visitors per month. We want to connect gamers around the world by allowing them to broadcast, watch, and chat from everywhere they play."

A year ago, the Wall Street Journal published an article analyzing U.S. Internet traffic with data from DeepField.com.  They found Twitch.tv to account for 1.8% of American peak traffic, ranking fourth overall and impressingly beating out companies such as Amazon and even Facebook.  Only three titans saw more traffic than Twitch: Netflix, Google and Apple.

Twitch's rapid ascent has led it to becoming a major player among internet traffic

At the time, Twitch's Vice President of Marketing Matthew DiPietro said the site "is the central hub for the entire video game industry to share their passion for games."

And hackers have breached this massive hub.  A hub that has undoubtedly grown even larger in the past year.

Fortunately, Twitch responded to the attack by providing disclosure to its users.  It dispatched emails detailing the information that hackers may have obtained:

Twitch has disclosed all the user information that hackers may have gained access to in the security breach

Well, at least credit card information isn't on there.  Consolation prize acquired!

In addition to the email, Twitch took action.  For the sake of protecting people's personal data, every Twitch account was forced to undergo a password reset henceforth.  Not only would everyone have to make a new password, but that password would have to be actually strong, determined by their revamped algorithmic rating system.  Otherwise, it would not be accepted.

Essentially, Twitch offered some basic, but eternally useful guidelines on enhancing password security. They used a range of ranked examples to illustrate their point.

A complicated password is the best password.  Even if it's hardly coherent.

The more random a password is, the more effective it becomes.  However, it's a little painful to use symbols and non-letters (!, @, $, etc.) in a password, isn't it?  Passwords are something you often type out manually, and perhaps even from memory.  Symbols don't quite lend to making that process convenient.

But as Twitch recommends, the most secure form of password security may lie within a password manager and random password generator, although they don't recommend any.

Effective password managers tend to be gated by a paywall.  However, LastPass sports a beginner-friendly free version with enough features to help you feel safe, including two factor authentifcation and security alerts (but mobile access comes with a fee).  KeePass is completely free and is even open source, but lacks some features and demands user customization to be truly effective.

Lifehacker produced a helpful chart that can help you determine which manager would suit you best:

Which password manager would most effectively fit you needs?

Ultimately, the wisest course of action is to swiftly change your password to a site when it reveals it has been breached.  Change your passwords used on other sites, too, if they are similar to the one from the compromised site. Password managers will help to facilitate this process.

Sources: http://blog.twitch.tv/2015/03/important-notice-about-your-twitch-account/



Base Image: http://www.systools.org/services/images/application/password-recovery.gif

Tags: Data Security

Subscribe to our BLOG

Recent Posts