If you have been active on the internet for some time, you will have used many different usernames and passwords more than you care to remember. But what happens when you try to log in to one of those sites and you can't seem to remember your password. Different sites use varying methods to help remember your password - some even require that you submit your mother's maiden name during the initial account set up.
Others in the other hand - especially Google, lately require that you submit a valid phone number so that when you forget your password, it can easily be sent to the number you selected.
But what has now been under heavy scrutiny lately is that some online heavy weights are emailing customers' passwords via email in plain text form. The fact that they can do this means that anyone in the company with access to the database can just as easily see these passwords in plan text as well.
One of such companies is Tesco. The company came under fire only when a researcher discovered that the company, for a very long time, has been sending password to users in unencrypted plain text. Of course this totally goes against security best practice. What this means is that if a hacker manages to get their hands on the data, everything would be in plain text. Although, this is a major security issue, this alone does not necessarily mean that their system is open to compromise.
Seeing that other high profile companies like Yahoo! and LinkedIn have fallen victim to hackers, every company should by now be reviewing their online security and how user details are managed.
However, one simple step that users can take to make sure they are not too vulnerable to identity theft and hackers getting their hands on their vital personal details is to use different usernames and passwords for every sites.
Subscribe to:
Post Comments (Atom)
Post a Comment