Account & Password Maintenance

Account & Password Maintenance


Password been compromised?

You may get emails from service providers notifying you that your password has been detected in compromised password lists. These lists are made public from data leaks of public website services or companies that have lost your information to malicious persons.

You can manually check your email address used with public checking sites like this one: https://haveibeenpwned.com/ - Enter your email address into this website provided and see if that address was part of a previous data leak - If your email has been confirmed to be in a public password list, go and change your passwords for all services using your email address.

Password Creation

Generate a new password you can remember by combining two or more completely unrelated words together with a few numbers or odd characters added to ensure the password ends up longer making it to complicated to guess - example: Examp1eGuru2 or FordMoneyLint3

Changing passwords often is a good habit provided you change more than 50% of the password characters used each time, changing from mypassword1 to mypassword2 isn't good enough, this is too easy for malicious persons to guess.

Use "2 factor Authentication" - Even if your password is known by malicious individuals, the malicious party will not gain access by direct password entry only (You should still change the password).

Account Maintenance

As a precaution, make a list of all the services used by yourself or staff members. Your information like Date-Of-Birth and Credit Card may be stored with a website service and could be used for fraudulent activity without your knowledge when information loss occurs.

Staff may innocently upload content/documents to external services and as time moves forward this information remains resting on a online service somewhere, this perfect opportunity for malicious persons to steal important information that you may be un-aware of by using a stolen password.

Account Privacy

When yourself or a client/customer/staff member submits information to a service regardless if online via the internet or a physical entity, that entity is responsible for keeping this information private from external persons not authorised. In the event of information loss to external persons, the entity must inform the users of that service the event has occurred and what information was taken.

If that entity has discovered a leak of information has occurred, you will need to change your password as soon as possible.

Issues exist where
  1. You as the customer/client will not know how long ago the information was leaked or stolen other than what was reported (if recorded at all).
  2. If you own/operate a company or service storing customer information, internal information theft may occur and this information can possibly be later leaked with your existing letterheads. Additionally staff movement between employment may provide information to a entity you yourself never engaged with. (Screenshots, document copying to external storage, document uploading to public internet service, mobile phone cameras etc)
  3. Computer equipment not wiped securely before disposal.

Summary

Human mistakes do happen (unfortunately), but its important to know what information you are storing externally of your computer/documents folder to understand the issues you may need to rectify.

In the event enough information is found...
  1. To rebuild a false identity
  2. Be able to pose as someone important to do financial theft like changing bank number account for payment on high value email conversations
These few examples alone can cause serious damage to you or your business via financial and time losses.

Please get in touch with a trusted technical person and discuss how to prevent this information loss from occurring. If you expect your information to be stolen tomorrow, you will plan today.





    • Related Articles

    • Connect your mobile device using Microsoft ActiveSync

      Article: Technical Rating 2 Prerequisites knowledge of your own email address, password, additionally, your mail server address details may be required. If you have a working device near you that uses the same email system (a friend or work ...
    • SMTP Delivery Service

      Article: Technical Rating 3 Our in-house email service has the service option for SMTP delivery for on-premise services and devices. Benefits Built-in email archive for auditing and re-delivery, many SMTP services charge extra for email archiving for ...
    • Customer and the Technician Relationship

      Make it a team effort Technical issues get the best of all of us at some point, some things seem cryptic to the untrained eye, others are new issues created by software updates. There is a knowledge gap and a growing in-convenience (and costs) being ...
    • ESET - Removing Software from a Windows computer

      Article: Technical Rating 2 Removing ESET from Windows System If you need to find the Applications installed list, see link: https://help.supportu.nz/portal/kb/articles/removing-applications-on-windows-10 Note, the business application will have the ...
    • Microsoft Outlook - Create a PST Archive File.

      Article: Technical Rating 2 Create a Microsoft Outlook PST Archive Having a archive of emails can be done manually or automatically via third party software and Outlook itself does have a automatic time based archive to PST solution, however as many ...