We tend to approach enterprise and consumer Internet of Things devices with skepticism, because of the threat they can pose to security.
However, a recent move by Google’s Nest division has won our respect.
The at-risk data came about due to user negligence, rather than company mishap. These customers were reusing passwords, and these passwords were appearing in lists of breached credentials.
Nest contacted the users and encouraged them to change their passwords and activate two-step verification. The problem with reusing passwords is that cyber criminals will try those credentials on various websites to see what other data they can access. If your Nest account, bank account and email require the same password to login, you should change that.
Reusing passwords is an easy mistake to make, especially because doing otherwise poses an inconvenience. However, even the difficulty of a password doesn’t matter if you are using it for several accounts. Here’s why:
1. Keylogger malware infections
A malware infection including keylogger will track what you are typing at critical times. The malware turns on when you visit certain website and then records the username and password you type in. If you use those same credentials for multiple website, the security of all those accounts has just been endangered.
2. Phishing websites
Have you ever received an email notifying you that you have suddenly been locked out of an account and you need to log in through provided link? That is likely a phishing email. The link may take you to a site that looks a lot like your bank’s, but if you sign in, you will be giving away your password and username.
If you want to check if you have been locked out, type the website’s URL directly into a search engine. You’ll likely find that your account is safe and sound.
3. Insecure Wi-Fi
While “Free Wi-Fi” can seem fortuitous at certain moments, especially when travelling, it is recommended that you only connect to networks that you trust. When you connect to a malicious router or access point and logged into an account there are many ways someone can collect your login credentials.
4. Data breaches
This is the one you’ve probably heard about in the news. Whether due to external attacks or internal mistakes or malicious intent, many companies are forced to confess to their customers that they were unable to protect their data. Cyber criminals can use the information to access other accounts if passwords are used across multiple websites.
The bottom line is you need to use a variety of passwords. Set up a system for remembering your passwords. Should one be stolen, you’ll be able to rest assured that your other accounts aren’t in danger. We have Nest to thank for this helpful reminder.