Does Astraweb Store Passwords in Plain Text?

Earlier this week a concerned Astraweb member posted on Reddit to warn others that Astraweb is storing passwords in plain text. He included an email from Astraweb that contained the username and password for all three accounts that were tied to his email address. What’s wrong with that? For starters, no one should hold your password in plain text anymore. You may have noticed that when you forget your password and request help, most companies reply with a link to reset your password. Instead Astraweb replied with every username and password tied to the user’s email address. By storing passwords in plain text Astraweb is putting members at risk. This is especially true for those who reuse the same password on other websites.


There are a number of steps you can take to help protect your online accounts. The first is to use a different password for each account. Long gone are the days of using a single password and keeping it on a post-it note under your keyboard. You would think that practice ended long ago, but I recently visited a company that specializes in website development and watched the office manager refer to a post-it note to log into a customer’s project. They proceeded to refer to the same note to log into other customers’ projects. Needless to say, that didn’t leave a good impression. Most of us do a better job nowadays, but there is still plenty of room for improvement. Make sure you use strong passwords and never reuse them. You can use a free password manager like KeePass to help keep track of all your passwords.

The next step is to use multi-factor authentication whenever possible. You may already use two-factor authentication to log into work while traveling or for financial institutions. The use of two-factor authentication has grown to include a lot of popular mainstream websites including Facebook, Twitter, Google, Amazon and many more. Most of them use a software token like Google Authenticator. How does it work? You simply install the Google Authenticator app on your iOS or Android device and use it to log into your favorite sites. This keeps anyone from accessing your account with the password alone: they would need both your password and the rotating code that is presented on your device at the time of login. This is far more secure than just using a password.

There are a number of other steps you can take to help protect your identity online. If you don’t already use a VPN service then we suggest researching them and adding one to help protect your privacy. This is especially true for those who use public wifi networks. Whether you enjoy grabbing a cup of coffee while browsing the Internet or traveling, a VPN is a must. It’s way too easy to log into wifi at a restaurant or hotel and not realize your communications aren’t protected. You can take care of this by logging into a VPN before using public wifi. A good VPN will also help you avoid censorship and geo restrictions. A VPN is not necessary for downloading from Usenet. Most providers offer SSL encryption, which we recommend enabling in your newsreader.