By: PDP BLOGMASTER
When you run a company that users hold accounts with, it is important to protect their data. Securing their email, password, and other personal data is crucial. Recently, it was reported that Facebook was storing 1.5 million Instagram passwords in plain text. This means the passwords were stored as-is, basically like passwords typed into a Word document. There was no encryption of the passwords. Encryption turns the password into ciphertext (it takes the password and uses a method for turning it into something that looks random). It is encrypted and decrypted using a key. The only issue with this is that if a hacker can get access to the key, they can decrypt the ciphertext and have the passwords. So, what should businesses do?
First, they can use salting and hashing. A salt is extra data, usually a few letters and numbers, that is added to the person's password. The salted password is then hashed, which turns it into random-looking letters and numbers. The strength of this can also be a downside. Hashing is impossible or really difficult to reverse, so what are other options for businesses? One is to force stronger passwords. One way is to not allow common phrases, such as qwerty or 12345. Other ways are to require an uppercase letter, a lowercase letter, a number and a special character. This ensures the passwords are hard to crack. Furthermore, including 2FA, or Two-Factor Authentication, and restricting the reuse of old passwords ensures stronger passwords and security.
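The salt-and-hash storage, password rules and old-password restriction described above, as an added Python example that is not from the original post. The choice of PBKDF2-HMAC-SHA256, the iteration count, the function names and the small deny-list are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import string

# Assumptions (not from the article): PBKDF2-HMAC-SHA256 as the hash,
# the iteration count, and this small constructed deny-list.
ITERATIONS = 600_000
COMMON = {"qwerty", "12345", "password"}


def policy_problems(password):
    """Return the list of password rules that the candidate breaks."""
    problems = []
    if password.lower() in COMMON:
        problems.append("common phrase")
    checks = {
        "uppercase": str.isupper,
        "lowercase": str.islower,
        "number": str.isdigit,
        "special character": lambda c: c in string.punctuation,
    }
    for name, test in checks.items():
        if not any(test(c) for c in password):
            problems.append("missing " + name)
    return problems


def hash_password(password, salt=None):
    """Return (salt, digest); a fresh random salt is drawn per password."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, digest):
    """Re-hash the attempt with the stored salt; compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)


def is_reused(password, history):
    """history: list of (salt, digest) records for the user's old passwords."""
    return any(verify_password(password, s, d) for s, d in history)
```

Only the salt and digest are stored, so the same password chosen by two users produces two different records, and a login is checked by re-hashing the attempt rather than by decrypting anything.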
Protecting your customers' data is important and the right thing to do. Customers put their information in your hands and expect you to protect it. The lack of protection can cause serious issues. People's passwords can be taken, which could lead to their accounts being accessed by someone not authorized. Furthermore, it can lead to issues for your company. Lawsuits, fines, and loss of business and trust are all things that could happen. So being proactive and protecting their information is not only the smart thing to do, but the right thing to do.