We use software in every part of our lives. Wherever you look, you see software! On your computer, tablet, phone, and even in the microwave, you’re probably heating your lunch in while reading this article! Software is in many things even if we do not see it. Software, in general, is ubiquitous.
The software we would like to discuss here is any software that requires a login. A log-in that hopefully is unique, complex, and is not used for anything else – also stored in a secure Password Manager – but that’s for another day! When we register to access a web-based software, so eloquently referred to as Software as a Service (SaaS) with our username, usually our email, and our password, they are both stored in a database somewhere in the cloud (a bunch of servers at a datacentre behind heavy security measures and many power, hardware, and internet redundancies). Here’s the problem, we enter our passwords and trust the companies that store them, but the unfortunate truth is that hackers like SaaS products themselves and see them as a prime hacking target. What’s in it for them? They hack a database, pull a full list of user information that normally includes logins, and then sell it to the highest bidder on the Dark Web.
Many SaaS users are guilty of using the same password on multiple applications, email accounts, etc… Here’s where the issue lies, your password is compromised which may compromise other accounts and possibly your primary email password – your primary email is used as a means of recovery of your online web apps. This alone can get you in a tough situation.
Let’s consider a hypothetical situation. You use your email password for multiple online accounts including online banking. The software provider’s system is hacked, and your password is amongst a multitude of data that was stolen. Many companies do not inform their users of an attack in real-time making it harder for you to know that your password, your online banking password (in other words), is out there for a period of time until the software company informs users of the attack and ask that they change their passwords. From the time the system is hacked until you change your password can be an eternity for hackers, so you need to stay on top of your own security to the best of your ability. Don’t get me wrong, no one is perfect. But still, things that are out of our control happen. We just need to have a game plan for when (not if, when) it happens.
One of the best ways to stay on top of your security, apart from having very secure and complex logins until a very strong password-less system is created is to monitor your logins. The best things in life are free such as our family’s love, our relationships with our friends and loved ones, and being able to check if our passwords have been compromised using https://haveibeenpwned.com. Register your email so you are informed if your credentials become compromised.