Password resets abound after more cyber attacks

Friday, June 24, 2016 - 10:53 by Simon Crisp

The weaknesses of password-based login systems continue to be highlighted this month as yet more businesses admit that their security has been breached, allowing malicious third parties to steal the credentials of millions of users.

The Citrix-owned remote access service GoToMyPC is the latest to be hit by such a breach, admitting that it has had to initiate a universal reset of user passwords in order to avoid further issues, according to BBC News.

As with a number of other recent incidents, GoToMyPC believes that its own systems are not to blame for customer accounts being compromised, but rather claims that it is other hacking incidents carried out against third parties which are allowing cybercriminals to exploit users.

This is a legitimate issue because so many people in the UK and around the world use the same email address and password combination to log into a range of different accounts. From sites that offer safe shopping online to corporate email servers, using identical login details means that once a hacker gets hold of them from one breach, they can compromise every other account belonging to an individual.

Companies including LinkedIn and MySpace have been the victims of historic data breaches that have resurfaced this month. And the message to all web users remains the same; choose a long, complicated password which is difficult to guess and vary this code across different accounts.

Some companies with a focus on safe shopping online have started to look into other forms of authentication in order to allow customers to make purchases without logging in using a password. And the rise of technologies including fingerprint scanning, contactless payments and even facial recognition could help to address this issue in the future, even if shoppers have to take responsibility for picking strong passwords for the time being.