How Breaches Outside of Williams Affect You

How to keep your data safe when your accounts at major sites are compromised.

Yahoo!, Dropbox, MySpace, Pandora, LinkedIn…these are just a few of the sites which have had data breaches.

How do you keep your own data safe?  To start it is important to have strong and unique passwords!

You may have set up an account with one of these services years ago and then forgotten about it. The New York Times has an illuminating guide on which services have been hacked and what specific information has been exposed:

http://www.nytimes.com/interactive/2015/07/29/technology/personaltech/what-parts-of-your-information-have-been-exposed-to-hackers-quiz.html?_r=0

Although those breached sites have already taken action and may have already alerted you to the problem, you are still at risk if you used the same or similar password for Williams, online banking, or online shopping sites like Amazon. If you did reuse passwords, we recommend that you change them as soon as possible. Please contact us if you are concerned about exposure or need assistance in changing your college password.

How can you protect your own data during a time when large well respected services can be breached?

  1. Use two-factor authentication, which is supported by Google, LinkedIn, Twitter, Facebook, and many others. See https://twofactorauth.org/ for a big list. If logging on to an account requires both a password and phone verification, then a hacked or exposed password is much less of a threat to you. To protect your Williams account see: http://oit.williams.edu/help-docs/2-factor-authentication/
  2. Don’t reuse passwords.  Most people will have one main email account which is used to set up many other online services, like online banking, or vendors which will store your credit card information, like Amazon.  It is very important that the main email account have a unique and strong password!   With your main account you can initiate a “forgot my password” reset on your other accounts.   So if someone gets your main account password, they can also gain access to those other accounts.
  3.  If you have trouble managing dozens of passwords, use a password manager like LastPass which will help keep your passwords unique and securely saved.  The free version is more than sufficient for most people:  http://www.lastpass.com  For more options and information on other password managers see:   https://oit.williams.edu/files/2016/09/PasswordManagers-pdf-1.pdf
  4. To avoid having your password guessed or cracked use a complex password or passphrase.  Tips on how to create and manage complex passwords are available at:  http://oit.williams.edu/help-docs/creating-a-strong-and-unique-password/