The official blog of DLC Technology

Password importance and Comcast’s lesson

Home/Blog Posts/Password importance and Comcast’s lesson

Password importance and Comcast’s lesson

Recently it was revealed that Comcast, on their Xfinity mobile platform, used a default PIN of “0000” on all accounts to restrict the porting of phone numbers.  Once this was made known, customers were having their numbers stolen – or ported – to other carriers without their permission.

Comcast fixed the issue by adding additional required information to port a number.

However regarding the actual customers effected they cited password reuse as a suspected reason for the incidents.  Password reuse allows bad actors to easily access your other accounts where you’ve used the same password!   In this case, allowing the same fraudsters to easily access your Xfinity account to get your address, account number, and other information – giving them everything needed to port your number away without your permission.

The same could happen with any other service where you have used the same password.  This is not limited to any one service provider or company.

The Solution?

Use of a Password Manager to track all passwords and ensure that they are unique for each and every site is the current mainstream recommendation.

[ The full article on this can be read here:  Comcast Mobile: default PIN 0000 and password reuse ]

So what about Password Managers?

We love them.  We believe everyone should use one.

They allow you to not only store securely all of your passwords in one place, but they also allow you to create computer-generated randomized passwords that are unique to each site!  This is critical for security in today’s climate.

The machine generated feature cannot be understated.  Humans will tend to be lazy and make a base password and use a formula to derive a unique password.  Like making your password Holly555TARGET for Target’s website, and Holly555TD for your TD Bank login.  Criminals are smart and will figure this out in a second.

In addition, multi-factor authentication is a great way to further secure each site.  This requires you to enter not only your password, but also a constantly changing code from an app on your phone like Google’s Authenticator, or from a text message you receive in real-time.

Password managers can also store and maintain those multi-factor authentication codes, eliminating the need for a separate app or text message!  Making all this security rather easy.

What do we recommend?

We have had great success with 1Password.  And, being that we support Macs, PCs, iOS, and Android alike – love the fact that their product family spans all those devices.  I have it installed on everything I own, with a complicated set of passwords to secure it all.
{Note: we aren’t paid for this endorsement… it is a genuine success story}

What is your favorite password management strategy?

Tell me about your favorite password management product via twitter  

 

By |March 5th, 2019|Blog Posts|

About the Author:

Amplifying the value of technology and enhancing business performance are what I do best. My 20-plus years in IT and business management have shaped my understanding of best practices that leverage technologies to increase my clients' profitability and success.