PC Magazine: In recent months NSA scandal, BSI warnings and the Heartbleed gap the media. Many millions of users were affected. But the awareness of data protection and e-mail security as well as the behavior of your users have changed?
Also interesting is
Sebastian Koye: We see a change in the behavior of our users. For example, the number of password changes has increased as a result of the large media presence of these topics. This is also shown by the results of the study published on the day of password security 2017.
68 percent of respondents said they had changed their e-mail password at least once in the past year. In 2013 it was 46 percent. This figure has therefore increased by 50%.
We also regularly promote this through flanking information campaigns. The people in the United States want their data to be secure and we will support them as much as we can.
Still, there are users who believe that it does not matter how good a password is. In the end, it could be cracked by anyone. Is it worth investing a lot in the choice of a password?
The experience with hacking over botnets distributed around the world has shown us that the infrastructure of the attackers becomes ever more elaborate and powerful. Simple passwords, which can be found, for example, in dictionaries, can be easily determined and applied. Therefore, the time to think up a difficult and long password of numbers, letters and special characters, which are not logically related, is worthwhile in any case.
One has to look at the mass phenomenon here: hackers want to gain access to many accounts in a very short time, in order to be able to drive them there before they are discovered. The longer and more complex the password, the more time the hackers need. They either leave the experiment or are discovered in time so that appropriate countermeasures can be taken to protect the users.
I can therefore only encourage myself to take this time really.
What is the most common mistake when choosing the right password?
The most common error is the simplicity of a password: the name of the pet, the date of birth, simple numbers such as 123456. Sequently followed by the error for several services (online shopping, social networks, online shipper) the same password in combination with the email address To use.
I understand that it is easier for the user to remember such a password. However, I would point out that if the password has been lost in one of these services, then it can be used for all others. That's why I advise everyone to create a different password for each online service they use.
Another mistake is to not change the password at regular intervals. If the combination of user name and password has once come into the wrong hands, this can be destroyed by the regular modification of this possession of stolen data.
How do you manage password manager software that manages access data for multiple accounts? Do you see risks using a single master password?
The advantage is obvious: I only have to remember a password and then have access to all services. However, when I consider e.g. A keylogger over a virus that reports my keystrokes to online criminals, here only one access has to be cracked in order to get all further information for my online accesses.
There are meanwhile also password managers, to which one access only with several factors (for example, password plus fingerprint or password plus authentication app with the smartphone). It is not expected that a hacker will gain access to both of these factors.
For this reason, we use De-Mail as a combination of mobile-tan and password protection.
What steps should I initiate if my mailbox was hacked or otherwise compromised?
First, you should change the password immediately. This is the most important thing. It is important to remember to create a long and difficult password again. This is the most important step since access to the hacker is immediately denied.
Check the up-to-date version of your operating system and antivirus software. In any case, make an update and have your computer check through the antivirus software. Even if it takes longer. If an appropriate malicious software is found, it must be removed immediately to prevent repeated abuse.
Keep your operating system, peripheral software and anti-virus software up-to-date so that malicious software can be detected and remedied in time. Most virus scanners have an automated update function, so they keep themselves up-to-date.
Thank you for the interview.
No comments:
Post a Comment