Delfigo Security - Strong Authentication

  • Increase font size
  • Default font size
  • Decrease font size
Home IAMblog Security Vulnerabilities Is Changing Your Password Enough?

Is Changing Your Password Enough?

This week many eBay account holders were asked to change their password. This is a common "next step" when users find that their accounts on popular websites have been compromised. The purpose is to change the credentials needed for access so that the compromised credentials can no longer be used. But shortly after the news that eBay accounts had been compromised was released, new vulnerabilities were identified.

Password policies, user education, and even strong encryption, can't address the issue caused by vulnerabilities that allow bad actors to easily access valid credentials and use them to access end user account details. The issue is widespread. It is important for users to understand what the vulnerabilities are, and how the actions to mitigate their risk in a single scenario has an effect on their overall risk and exposure (answer: changing your password is a temporary fix). It's because of this that it is critical that users embrace more advanced authentication methods, including dual or multi-factor authentication, frequently managing passwords and staying educated about the information they provide to retailers, sites, and elsewhere online.