Tens of thousands of British Airways frequent flyer accounts have recently been hacked. As a result, the airline has suspended all frequent flyer accounts until the issue is resolved. Although it does not appear that personal information has been stolen in addition to air miles, the incident stems from a third party using some account holder information which was acquired elsewhere.
In a move to ensure all customers strengthened their passwords to further protect their accounts, British Airways sent emails to users asking them to click on a link that would reset their passwords. This action caused security concerns as links in emails is a classic hacker move to phish for usernames and passwords.
Avoiding stolen passwords becomes easier with increased password security. Consider the following strategies for creating and maintaining passwords that are difficult to crack:
- Passwords should be at least 8 characters long. The longer the password, the harder it is to guess or crack. Consider using a pass-phrase of 4 or 5 words strung together
- Passwords should contain a combination of characters including upper- and lower-case letters, numbers, and special characters. Again, the longer the better.
- You should never use the same password for your login, email, protected systems, financial accounts, etc.
- Change your passwords frequently. One recommendation is to create new passwords every 60 to 90 days. Ask your support team what the recommended policy is.
- Never use passwords that are easy to guess, such as pet names, addresses, birth dates, etc.
If you feel your password has been stolen, use the following steps for a better response:
- Don’t take any chances. At the first sign or suspicion that your work computer may not be secure, contact your IT support team and follow their instructions.
- If the compromised password is for a service outside the company, call the service provider and ask them to put your account on hold.
- Have your computer thoroughly checked for any key-logging software, spyware, worms, or other malicious software that may be on it.
The most effective password security effort is the effective training of computer users on good password policies. Use the Cyber Threats section of your portal to educate employees on password security, or contact your Client Services representative to learn more ways Preparis can assist you with your cybersecurity efforts.
Marlia Fontaine-Weisse is the Content Manager for Preparis.