Password vulnerabilities - long nerdy post

Kentuckienne

Supporting Vendor
Oct 9, 2016
2,747
1,648
Middle of nowhere (kentuckianna)
Parrots
Roommates include Gus, Blue and gold macaw rescue and Coco, secondhand amazon
Posting this because of the recent DDOS (distributed denial of service) attacks that affected the Internet yesterday. Many people don't realize that common electronic devices which connect online have embedded passwords. If you don't change these while setting up the device, you are vulnerable to hacking or to having rogue software installed on the device.

The most vulnerable item is the router or modem that comes from your internet service provider or cable company. Hackers getting access to these devices can potentially access any device on your home network - including computers, smartphones, and tablets. You could become the victim of "ransomeware" which will encrypt the contents of your devices and delete everything if you don't pay in untraceable Bitcoin by the deadline.

Examples include baby monitors or home security cameras that support smartphone viewing - even if you haven't set that up. Hackers could turn your camera on remotely and record video of you or your baby without your knowledge.

DVD recorders, game consoles and TVs often have connections to the Internet to support on-demand viewing, games, apps ... hackers could access these devices and collect passwords, or install Trojan horses that can be activated in the future to carry out DDOS attacks.

Any "smart" device that is able to go online is vulnerable. Here's why: the device comes with a default user ID and password programmed in. The setup directions will usually advise changing these but sometimes they make it sound optional - and now some are so easy to set up that users might not even need to read the fine manual. If you didn't already do that, please go back immediately and change both the user ID and the password of all these device as soon as you can.

It's important to have a unique password for each device and for every app and every place you sign on. If hackers pick up a password on one of your accounts they will try it everywhere. If they get your email password, because it's the same as your Netflix account they hacked, they might lock you out of your mail while they reset all your other passwords - including those for online banking.

I use a password manage for this. There are several good ones available including LastPass, 1Password, and Dashlane. I've used Dashlane for a long time and I'm very satisfied with the performance, features and security. (PM me if you want a referral link) The others might be as good or better, but I stick with what works for me and I've never used the others. Dashlane keeps a list of IDs and passwords on each of my devices - phone, computer, tablet - in encrypted format. Passwords are only decrypted when needed, and I have to actually sign in with a master password to get to any of the stored information. It synchs the data across all devices, so if I change my email password on the computer the other devices get updated. And it has a web interface so I can securely access passwords on the road. I now have unique usernames and crazy long passwords for every single place I touch the net.You can also keep a paper list of info, especially if you are home a lot.

The best thing is to make long passwords that only you will remember, like Beaks Beget Heartbreak or Why do conures fall in love ... The longer the password, the longer it takes to crack using brute force tools.

A little bit of trouble now might save you a world of hurt in the future. Don't be the victim of punks and of state-sponsored attacks from Russia or North Korea ... Change your passwords!

- from Gus, the Internet Macaw :blue:
 
Thank-you, for this well written Thread with excellent details on protecting oneself and family.

I was aware of the possibilities, but not the depth of the possible access.

Again, thank-you for this important and much needed information! Changes what I am going to be doing over the next few days!
 
Thank you for a timely and very appropriate reminder with explanation! I had no idea of some of your posted vulnerabilities.

My employer passwords change frequently and have case/character requirements, but most of my personal access points have languished for a long while. So many in life to remember, but the potential for harm is devastating!
 

Most Reactions

Latest posts

Back
Top