With countless reports of companies losing control of users’ data, being hacked and putting private information out there for anyone to see, people are paying more attention than ever to exactly how they use online services. The basics of ‘good password policy’ is repeated oft enough for even the non-tech inclined to know they should use different passwords for different services, whether or not they apply it.
The most recent example hitting the headlines this week is TalkTalk in the UK, a communications provider that has revealed that up to four million customers’ personal records have fallen into the wrong hands. Well, it’s not quite sure – it later said that the hack was smaller than first thought, but it has still resulted in customer records being dumped online.
TalkTalk is by no means alone though – it could just have easily been a huge health insurer, Best Buy, a major bank. Or it could have been the hacking of the director of the CIA, or your regular ol’ illicit affairs network.
However, one good thing to come out of these seemingly incessant data breach headlines is that people are starting to wake up to the realisation that they need to go to reasonable lengths to protect their accounts and data.
Sure, you never expect your broadband provider to get hacked, but you should at least know it’s a possibility nowadays. It doesn’t change the onus being on the company to protect your data, but it’s better to have a back-up plan in place rather than just hoping it never happens in the first place.
Over the last year and a half or so, I’ve been using a password manager on mobile and destkop. Not only do I find it useful to only ever have to remember one password, but I always find the form-filling features incredibly convenient. I also particularly like the auto log-in feature on mobile.
As a result, for nearly two years, I’ve been frequently mentioning how much I liked the app to my girlfriend and my best friend. Both quickly tired of hearing about it, but I just found it really convenient so encouraged them both to use the free tier – or to try any of the other options available.
Again, neither pretended to have even a passing interest in entertaining my ‘tech chat.’ And again, that’s totally fair enough.
Fast-forward 18 months or so and I’m looking at a WhatsApp message from the same friend while standing to pay for some things in my local shop.
“What’s that password app that you use?”
While responding to it, stood in my local shop, the regular guy behind the counter asks me if I’ve heard about the TalkTalk hack, and asks (as a subscriber) what he should do.
If there’s one thing that persistent headlines about hacking seems to be doing, it’s finally making ‘non-techies’ realize that the responsibility for looking after their personal data and accounts is a shared task – one that, if you bother to keep on top of, minimises fuss when the worst does happen.
If I’d been a TalkTalk subscriber, I’d have had to change precisely one password today and could be safe in the knowledge that the rest of my accounts would remain safe, even if my partial credit card details are now potentially floating around somewhere.
Ordering a new card isn’t the end of the world.
The average mainstream user might not quite be switching on two-factor authentication (something I do wherever possible) just yet, but give it another year and a few more high-profile hacks and we might just get there.