{"id":1702,"date":"2014-04-16T16:56:37","date_gmt":"2014-04-16T16:56:37","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=1702"},"modified":"2020-02-27T03:41:46","modified_gmt":"2020-02-26T16:41:46","slug":"the-heartbleed-scare-the-quest-of-changing-passwords","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/the-heartbleed-scare-the-quest-of-changing-passwords\/1702\/","title":{"rendered":"The #heartbleed scare: the quest of changing passwords"},"content":{"rendered":"<p>The <a href=\"https:\/\/business.kaspersky.com\/addressing-the-heartbleed-panic-advice-for-small-business-owners-2\/\" target=\"_blank\" rel=\"noopener nofollow\">#heartbleed bug scare<\/a> has one positive outcome: it has created a necessity for a global password change \u2013 everywhere, right now. Passwords these day are the primary security tool used in IT, but they have their weaknesses\u2026 Or rather it\u2019s the way people handle them that is the weakest point: short, easy-to-guess, used multiple times \u2013 is a \u2018popular\u2019 problem.\u00a0 According to a <a href=\"https:\/\/business.kaspersky.com\/the-splendors-and-miseries-of-passwords-on-the-web\/\" target=\"_blank\" rel=\"noopener nofollow\">survey<\/a> by Kaspersky Lab and B2B International, approximately 39% of users around the world prefer to use one or a few passwords for a whole range of resources. Also, 63% of respondents in the same survey admitted that their passwords are generally easy to guess.<\/p>\n<p>The bug, which looks like one of the largest security sinkholes ever, scares security experts and well-informed users alike. So it\u2019s time to do something. Actually, we are most likely going to have some laborious, lengthy and, at times, less-than-pleasant adventures ahead. This is especially true for small businesses, given that there are often no dedicated admins and people have to take care of their own passwords and overall security.<\/p>\n<p>Well, the first thing that we should do is identify what really affects our data security. For small businesses the correct answer is short: everything. Everything, because people mostly use their own laptops and mobile devices for both work and personal needs, so unless there is a security solution in place that isolates personal data from working files, any visit to a malware-infested website may, in theory, result in the compromise of your operations. The safest bet is to presume that all of the services on the Web that you use may be compromised \u2013 for whatever reason.<\/p>\n<p>So for starters, we change passwords to our e-mail. Both working and personal, especially if they are used for password recovery (possibly even mutual).<\/p>\n<p>But then we are going to have a clear \u2018butterfly effect\u2019: after a primary work e-mail password is changed, many more should be replaced too: there are collaborative software and services such as Microsoft Exchange or Google Drive, which are accessed via e-mail and Google accounts. Also there are Apple accounts that connect all of a user\u2019s Mac OS X and iOS-based devices.<\/p>\n<p>Then there are social networking sites with both personal and corporate accounts. Almost every business today uses them to get in touch with their customers. Apparently cybercriminals also use these sites to get closer to you, your money and data.<\/p>\n<p>All modern browsers have an option of storing your passwords and filling them in for you automatically. Let\u2019s think about how many websites we frequent\u2026 it\u2019s most likely quite a few. How many similar (not the same, but still similar) passwords are used for them? If they are used for both public Web resources <i>and <\/i>personal e-mail, it\u2019s up to the crooks\u2019 guesswork to find their way into your primary business e-mail and then into your company\u2019s other resources. And, you see, they are often very good guessers. Experienced ones.<\/p>\n<p>By the way, Kaspersky Lab has an <a href=\"https:\/\/www.kaspersky.com.au\/blog\/password-check\/\" target=\"_blank\" rel=\"noopener\">online tool<\/a> to test passwords\u2019 strength.<\/p>\n<p>As a matter of fact things actually are much easier with solutions like Kaspersky Small Office Security, which is equipped with an advanced Password Manager. It allows you to generate unique and unguessable passwords for a whole range of resources you frequent, stores them in an encrypted form and provides you with a single Master Password \u2013 the only one to remember. You can find more about it <a href=\"https:\/\/business.kaspersky.com\/password-management-in-kaspersky-small-office-security\/\" target=\"_blank\" rel=\"noopener nofollow\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>There is one somewhat positive outcome from the ongoing #heartbleed scare: the password security issue is back in focus. How big is the &#8216;adventure&#8217; of changing all passwords going to be? <\/p>\n","protected":false},"author":209,"featured_media":16210,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,2994],"tags":[588,187],"class_list":{"0":"post-1702","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-heartbleed","10":"tag-passwords"},"hreflang":[{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/the-heartbleed-scare-the-quest-of-changing-passwords\/1702\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/the-heartbleed-scare-the-quest-of-changing-passwords\/1702\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/the-heartbleed-scare-the-quest-of-changing-passwords\/1702\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.au\/blog\/tag\/heartbleed\/","name":"Heartbleed"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/1702","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/comments?post=1702"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/1702\/revisions"}],"predecessor-version":[{"id":26291,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/1702\/revisions\/26291"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media\/16210"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media?parent=1702"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/categories?post=1702"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/tags?post=1702"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}