Password Lessons Learned from Sony Breach

When I was at AOL I spent considerable effort fighting for stronger passwords. There was a “discussion” with marketing on “security versus convenience.” An analysis of the Sony breach by Troy Hunt (http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html) showed a number of things to take note of:

  • Sony had stored over 1M passwords in “plaintext.” The first lesson in “cybersecurity 101” is never to do this.
  • Two-thirds of users who had accounts at both Sony and Gawker (another site recently breached) used the same password on both sites. The second lesson is don’t reuse passwords.

About infoguardianangel
The consumer and corporate information guardian angel. Cybersecurity and privacy advice for my clients (and anyone else who cares about protecting their data or their companies).
