Dropbox wasn’t hacked. Some of their users just dropped the box…

News, Security

A mixed metaphor never hurt anyone, but when you mix your passwords into everything it’s not going to go well.

Password mixing (reusing passwords) is what many believe was the cause of the recent Dropbox account “breach.” Using the same passwords for everything is a huge problem. A chain is only as strong as its weakest link, and with passwords the same applies. The more websites you use a password on, the more likely it is to be leaked in a breach, and unfortunately, the reach and potential for damages from that breach also becomes greater.

Reused Password Graph

It’s not a difficult concept if you consider it for long. If one password is used on five websites, then that password is five times as likely to be leaked, as there are five times as many locations where that password is being stored. At the same time, that password provides access to five times as many websites, which means that there’s potentially greater than five times the amount of information available to the person accessing it than one account would have on its own. The more information they have, the easier it becomes to gain access to other accounts. This appears to be what happened with Dropbox.

Think of it this way, if I gain access to your email, then I can reset the passwords of almost every account tied to that email. What are the chances that your email contains information about your choice of banking institution, online shopping account, or PayPal perhaps?

This wasn’t a breach of Dropbox’s systems; it was a failure of their end-users’ password management skills. When users reuse their passwords across so many websites, they sow the seeds of their own ruin.

For system administrators, the source of this problem is painfully apparent. Quite often, a system administrator will have to remember ten or more passwords just for their day-to-day tasks. Add onto that the 20 or so personal accounts that need passwords and the 30 passwords needed for various lesser-used accounts and systems, and you wind up with an obscene amount of passwords to remember. Now consider every end-user that the system administrator manages. How many passwords do you think those end-users each have?

This is why password reuse is such a problem. There are just too many passwords for anyone to handle!

That’s why you need some sort of solution to the password problem. Now, there’s no need to hire some developer to build you a password management system, you just need a password management solution. Let’s throw one more factor into the mix. If you’re reading this blog, there’s a good chance that you’re already a Kaseya customer. If so, then make sure that the solution you choose supports a Kaseya integration. That way you can accomplish even more from a single pane of glass.

Only Kaseya AuthAnvil solves that problem, allowing organizations to secure their most valuable asset – their data – by minimizing the risk of password-related security breaches. Learn more about AuthAnvil.

Author Harrison Depner

Laptop with Windows 8 on screen

It’s Time to Get Started on Windows 7 End of Life Migrations

This January, Microsoft will discontinue all support for Windows 7 and Windows Server 2008, including any type of security patches.Read More

Zero Gravity in Office

Secure Your World – Right the Upside Down

The IT Upside Down can be a terrifying place to be in. Dealing with Demogorgon-sized security breaches and Mind Flayer layeredRead More

How MSPs can use Integrated Cybersecurity Solutions to Grow Profits

Back in the early days of managed cybersecurity services, MSPs only needed to offer things like endpoint protection and firewallRead More

Young Asian male frustrated by ransomware cyber attack

Lake City Sacks IT Director Over Ransomware Attack

As the saying goes, when nightmares come true, only then are people truly awake and take notice.   As per aRead More

Connect IT Asia-Pacific - Don't Miss the Premier IT Management Event of the Year - Join Us in Sydney 1-3 October 2019 - Register Now

Archives

Categories