Password Security a Falicy!?
I just read this article from the Boston Globe, and I am very disappointed! It claims that it costs more money to change passwords (and manage them when people forget) than is saves in fraud. This is ludicrous!
The article professes that changing passwords regularly is like changing the locks after your house has been broken into. First off, isn't that what you DO after your house has been broken into? In case they stole a key?
Either way, it's a horrible analogy. If someone has managed to figure out your password, they might be using it without your knowledge. Changing it regularly is the only way to protect yourself from this.
There is a section about how your time is better spent doing other things than managing your password. Your time IS valuable, and the article wants to make sure that the 1 minute a month you might spend changing your passwords on every possible site you know is worth it. They "calculated" a value of $16billion dollars spent for each minute of security prevention. The problem is, if your identity is stolen, you will lose FAR more than 1 minute resolving the issue. It will take you hours on the phone with your lenders and the credit bureaus to sort it all out. A comparison to the bank's costs for fraud is shown, but no mention of the time you would waste sorting it out. Identity theft can also ruin your credit. That could cost you thousands, and thousands of dollars in higher interest loans.
The cumulative costs of fraud may be low enough for the banks to absorb the costs, but what about the costs to the individual who is affected? That's YOU! Isn't it plausible to believe that the cost of fraud is relatively low due to the fact that the majority of people do follow good security practices, and that we are being effective in preventing fraud already? Weakening our defenses will increase fraud, and the author of that article cannot estimate by how much.
The article does not give great examples of things you should do to protect yourself. Fortunately, Prime Insight is here to offer the best suggestions.
First, a strong password is a MUST! This article from LifeHacker.com goes into depth about how and why a strong password is required, and even talks about what IS a strong password.
Second, patches, patches, patches. It is much easier these days to remain up to date with patches. Leave your computer configured to automatically install patches.
Third, a good anti-virus and anti-spyware package. Prime Insight has covered that already here.
Finally, the article mentions phishing scams. If you are not familiar with that term it refers to an email sent to you appearing to be from your bank or another financial provider. However, if you follow the link in the email, you are taken to a malicious site that mimics the bank's site. When you enter your user ID and password, they are stolen by the scammer.
The article talks about checking the URL and certificates, and that's the hard way. Here is the simple way: NEVER CLICK A LINK IN AN EMAIL FROM A FINANCIAL INSTITUTION. It's just that simple. If I get an email from my bank, I close the email, open a browser and go to the bank's site by typing it in. That way, I can verify that I am at the correct site. It's an easy habit to get into, and a practice we strongly recommend.
The article professes that changing passwords regularly is like changing the locks after your house has been broken into. First off, isn't that what you DO after your house has been broken into? In case they stole a key?
Either way, it's a horrible analogy. If someone has managed to figure out your password, they might be using it without your knowledge. Changing it regularly is the only way to protect yourself from this.
There is a section about how your time is better spent doing other things than managing your password. Your time IS valuable, and the article wants to make sure that the 1 minute a month you might spend changing your passwords on every possible site you know is worth it. They "calculated" a value of $16billion dollars spent for each minute of security prevention. The problem is, if your identity is stolen, you will lose FAR more than 1 minute resolving the issue. It will take you hours on the phone with your lenders and the credit bureaus to sort it all out. A comparison to the bank's costs for fraud is shown, but no mention of the time you would waste sorting it out. Identity theft can also ruin your credit. That could cost you thousands, and thousands of dollars in higher interest loans.
The cumulative costs of fraud may be low enough for the banks to absorb the costs, but what about the costs to the individual who is affected? That's YOU! Isn't it plausible to believe that the cost of fraud is relatively low due to the fact that the majority of people do follow good security practices, and that we are being effective in preventing fraud already? Weakening our defenses will increase fraud, and the author of that article cannot estimate by how much.
The article does not give great examples of things you should do to protect yourself. Fortunately, Prime Insight is here to offer the best suggestions.
First, a strong password is a MUST! This article from LifeHacker.com goes into depth about how and why a strong password is required, and even talks about what IS a strong password.
Second, patches, patches, patches. It is much easier these days to remain up to date with patches. Leave your computer configured to automatically install patches.
Third, a good anti-virus and anti-spyware package. Prime Insight has covered that already here.
Finally, the article mentions phishing scams. If you are not familiar with that term it refers to an email sent to you appearing to be from your bank or another financial provider. However, if you follow the link in the email, you are taken to a malicious site that mimics the bank's site. When you enter your user ID and password, they are stolen by the scammer.
The article talks about checking the URL and certificates, and that's the hard way. Here is the simple way: NEVER CLICK A LINK IN AN EMAIL FROM A FINANCIAL INSTITUTION. It's just that simple. If I get an email from my bank, I close the email, open a browser and go to the bank's site by typing it in. That way, I can verify that I am at the correct site. It's an easy habit to get into, and a practice we strongly recommend.
It's obviously what I am looking for , very great information , 徵信社 cheer!
Reply to this
In many ways this blog helps figure out the solution to many problems
Reply to this
I will spend more time today reading this content
Reply to this
Where can i download the news or rss url?
Reply to this
From the main page there is a box of RSS feeds on the right side: http://blog.prime-insight.com/
You can also follow us on: http://twitter.com/prime_insight or Like us at: http://facebook.com/primeinsight
Reply to this