CISO Perspective: How to Perform a Password Health Check
keeping-my-information-safe | Read Time: 3 minutes
By Robert Eastwood | Published: July 2022
How safe are my passwords? How do I know if my passwords have been leaked?
These are questions I get asked a lot.
More and more hackers are using leaked passwords to log into websites and apps that you use. They may make purchases, or they may use the information they gather to sell on the dark web or to scammers.
Leaked passwords can be a gold mine for hackers and scammers alike. Before you know it, your information is out there on the internet and its difficult if not impossible to reverse the damage.
What action can you take to protect yourself? Take time out of your busy schedule to perform a password health check!
First ask yourself a few questions:
- Do I use the same password on multiple websites and apps? Like social media, online shopping, and financial accounts?
- Have I changed these passwords on all the sites and apps I use within the last 6 months?
- Do I save my passwords in my browser or app for later use?
- Am I using multifactor authentication whenever possible?
- Have I looked to see if my passwords have been leaked?
One easy way to see if your passwords or other information has been compromised is to check https://haveibeenpwned.com/. Here you can enter your email or phone number and see if your data has been leaked in a data breach.
If you are an iPhone, or iPad user, head over to Settings -> Passwords -> Security Recommendations -> Detect Compromised Passwords. If you do not have this feature turned on simply tap the slider to enable it. You may be surprised what you find. If your passwords have been compromised, take immediate action, and change them.
If you are like me, you probably have a multitude of passwords. Keeping track and remembering them can be a challenge! One very good option is to use a password manager solution. There are many commercially available password management solutions, such as LastPass, DashLane, 1Password or BitWarden. Instead of having to remember many complex passwords, you only need to remember one!
Set a reminder to check your password health frequently and try out a password manager. This could save you from falling victim to fraud and identity theft, which is almost impossible to reverse.
That’s a CISO Perspective.
About the Author – Robert Eastwood
Robert Eastwood is Senior Vice President, Chief Information Security Officer at WSFS Bank. He has more than 24 years of experience in the information security field, including nearly 20 years at WSFS, most recently as Vice President, Information Security Officer, where he developed and executed a multi-year strategic plan for Information Security. He also holds a number of professional certifications and memberships in the Information Services, IT and financial services fields.
Have you ever lost your smartphone or tablet, or maybe even your laptop? Have any of them ever been stolen? It’s certainly not a good feeling. The number of mobile devices lost or stolen each year is in the millions. Sure, it's easy enough to get a replacement. Sure, they can be expensive to replace, but have you ever thought about the true value that device is worth?Read More
Working in the information security field, I am often asked a rhetorical question like, “is anything safe from getting hacked?” My answer is yes. But it is important to examine this a little closer to ensure you’re taking the proper precautions to protect yourself and your information.Read More
As the weather heats up, so does the travel industry. While inflation and other economic factors could make it more difficult to book that dream trip this year, there are ways to vacation on a budget. But as you look for the best deals to avoid your wallet being stretched too thin, it’s vital to beware of “steals.”Read More
Whether it’s a compromised email, ransomware, mail theft, or other criminal attempt, fraudulent schemes continue to trend upward and can cost businesses and consumers alike. Preventing fraud requires vigilance from every employee to protect your company’s finances and information. Here are some tips to help protect your business and yourself.Read More
Instances of fraud have continued to rise in recent years, and it can often seem like scammers are able to stay one step ahead of their victims. As new schemes continue to emerge, it is important for consumers and businesses to remain vigilant to protect their information and bank accounts. Here are some recent fraud trends and tips to help protect yourself.Read More