Has my password been compromised?

09-05-2019
Author: Guy Makmel
  • security

Why you MUST consider 2-factor authentication for your important login information.

Especially in a private medical branch such as aesthetic medicine, it’s important to keep your data secure. When you’re handling sensitive data such as electronic patient files on a daily basis, security is of the utmost importance.

Unfortunately, these days it’s fairly easy to get the average internet user’s most common passwords. I’m particularly interested in cyber security, and passwords are something that I hear about a lot. A lot of people get frustrated with passwords, and it’s bad enough when you have to have one really good password that you can remember but nobody else is going to be able to guess. What do you do when you have accounts on a hundred different systems and you’re supposed to have a unique password for each of these systems? It’s tough, impossible even!

Why do you need different passwords in the first place? The reality is that a lot of services on the internet simply do not have their security up to snuff. And even when they do, hackers have methods to trick you into giving up your login information, such as phishing (pretending to be another website). You think you’re not active on those kinds of websites? Do you have a LinkedIn account? Because LinkedIn was breached in 2012 with a reported 6.5 million user accounts compromised. That means your LinkedIn password from 2012 is most likely available on the internet for free if you know where to look.

A great way to check if you have passwords out there in the wild is using a service such as haveibeenpwned.com. Simply type in your email address and see if your passwords have been breached at any point.

Password managers
You’re not entirely vulnerable, however. With a few good practices you’re already way safer than the average internet user. For starters, using a password manager such as LastPass, 1Password, KeePassX or Bitwarden will do wonders. These allow you to remember just one master password, which you use to get to the rest of your randomly generated, nearly unguessable passwords. You’ll have a unique password for every service without the frustration of having to remember a hundred passwords.

2-factor authentication
Perhaps more importantly, more and more applications are offering 2-factor authentication. What’s great about it is how safe it makes my more important logins. It protects the services you care about the most, such as your email, your bank account and your Clinicminds account!

How does 2-factor authentication work? It provides you with a random number on your phone that you must enter together with your password when logging in. This means that if someone has your password, they still can’t log in without also possessing your phone. That combination of factors is far more unlikely than simply needing to know or crack your password.
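How such a code can be generated on the phone and checked by the service, as an added example (not from the original article or from Clinicminds). It assumes the authenticator-app variant of 2-factor authentication, TOTP (RFC 6238), which the article does not name; the password, salt and secret are constructed sample values.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds each code stays valid (RFC 6238 default)
DIGITS = 6   # code length typically shown by authenticator apps


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over the counter, truncated to `digits` digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: float, digits: int = DIGITS) -> str:
    """RFC 6238: the counter is the number of 30-second steps since 1970."""
    return hotp(secret, max(int(now) // STEP, 0), digits)


def hash_password(password: str, salt: bytes) -> bytes:
    # Iteration count is illustrative only.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def verify_login(pw_hash: bytes, salt: bytes, secret: bytes,
                 password: str, code: str, now: float, window: int = 1) -> bool:
    """Server-side check: the password AND a current code must both match."""
    pw_ok = hmac.compare_digest(hash_password(password, salt), pw_hash)
    # Accept one step either side to tolerate clock drift on the phone.
    code_ok = any(
        hmac.compare_digest(totp(secret, now + i * STEP).encode(), code.encode())
        for i in range(-window, window + 1)
    )
    return pw_ok and code_ok


# Constructed sample account (secret is the RFC 6238 test key, not a real one).
SECRET = b"12345678901234567890"
SALT = b"constructed-salt"
PW_HASH = hash_password("correct horse", SALT)

if __name__ == "__main__":
    t = 59  # fixed timestamp so the output is reproducible
    code = totp(SECRET, t)
    print("password + fresh code:", verify_login(PW_HASH, SALT, SECRET, "correct horse", code, t))
    print("password + stale code:", verify_login(PW_HASH, SALT, SECRET, "correct horse", code, t + 120))
```

With TOTP the number is derived from a secret stored on the phone and the current time, so a password taken from a breach does not pass the check on its own, and a code that was observed once stops working within a minute or so.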

Sharing accounts
Another security risk is sharing accounts. Sharing your login information is a major security risk, no matter how much you trust the person you share it with. You simply lose a lot of control over how your password is used. Using shared accounts is also a major risk! For example, you lack the ability to see who does what in your system. In addition, when someone leaves the team in question, you can’t easily shut off their access to the account. We thoroughly recommend you avoid sharing accounts whenever possible, especially on Clinicminds! Creating support-staff accounts is free on Clinicminds, so making sure all your employees have their own accounts is easy and affordable.

Best Practices
In case you feel using a password manager is a bit too intimidating, here are a few tips to keep your passwords as safe as possible manually:

  • First and foremost: NEVER use the same password (or variant of a password) that you’ve used somewhere else.
  • Use letters, numbers, and symbols in creative ways.
  • Never use common words or phrases!
  • Never use personal information in your password!

 

Asmu,m,&sp! = Abbreviated sentences make unique, memorable, and strong passwords!
WIw7,mstmsritt. = When I was seven, my sister threw my stuffed rabbit in the toilet.
Itmcwloc&s = I take my coffee with lots of cream and sugar

Longer passwords are better