The Weekly breach Breakdown Podcast by ITRC - Open Sesame - S4E13

Show Transcript

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for May 26, 2023. Thanks to Sentilink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we discuss the importance of strong passwords, passphrases and passkey protection. In particular, we talk about news from Google on the implantation of passkeys, possibly meaning the end of passwords.  

Whether to keep ancient treasures safe from thieves or guard secret speakeasies, passwords have been used as the first line of defense against bad actors. However, these days, you’ll need something stronger than ‘Open Sesame’ to keep identity thieves at bay.

The Importance of Strong Passwords

Passwords are a crucial aspect of online security. Keeping them safe is your first line of defense against bad actors. One recommended way to keep your accounts secure is using passphrases instead of traditional passwords. Passphrases are longer than typical passwords and consist of multiple words – usually a saying you can remember. It makes them easier to remember and more challenging to crack.

Experts recommend that passphrases be at least 12 characters long and contain a mix of upper and lowercase letters, numbers, and symbols. It ensures they are strong and secure enough to protect your accounts from unauthorized access.

What Are Passkeys?

You may have also heard of passkeys. Passkeys are a newer way to sign in to apps and websites. Passkeys let users sign in to apps and sites the same way they unlock their devices: with a fingerprint, a face scan or a screen lock PIN or pattern. Unlike passwords, passkeys are resistant to online attacks like phishing, making them more secure than SMS one-time codes.

Google Begins Rollout of Passkeys

For the first time, Google has begun the rollout of passkeys, which could mean the end of passwords. Last year, Google, Apple, Microsoft and ITRC partner the FIDO Alliance announced they would begin work supporting passkeys on their platforms. On Google accounts, there will be an additional option to sign in, alongside passwords and multi-factor authentication (MFA). They can be tried out at g.co/passkeys. For Google Workspace accounts, administrators will soon have the option to enable passkeys for their end-users during sign-in.

Passkeys and Passphrases Keep Your Online Accounts Secure

Remember, a strong password is your first line of defense against cybercriminals. By using passphrases or passkeys and following best practices for password safety, you can keep your online accounts secure and protect your personal information from theft or misuse. It is also still important to create different passphrases for every online account and enable MFA with an app when possible. You should avoid using the same or similar passwords for work and personal accounts and never share login credentials with others, even trusted family members.

The ITRC is an excellent resource for learning more about password safety and identity theft prevention. We can offer tips and advice on creating strong passwords, securing your accounts and protecting your personal information online. While passkeys continue to evolve, it is not the end of passwords – yet.

ITRC Breach Alert for Business Coming Soon

The ITRC continues a beta test of a new service for businesses, Breach Alert for Business, that want to ensure they receive a notification when a data breach at a vendor or partner is entered into the ITRC’s data compromise database. For more information, fill out our interest form here and click “notified business alerts”.

Contact the ITRC

If you want to know more about how to protect your business or personal information, or if you think you have been the victim of an identity crime, you can speak with an expert ITRC advisor on the phone, chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). Just visit www.idtheftcenter.org to get started.

Thanks again to Sentilink for their support of the ITRC and this podcast. Be sure to check out our sister podcast, the Fraudian Slip, for the latest in all things compromise, crime, and fraud that impact people and businesses. Last week, we discussed the findings from our 2022 Trends in Identity Report. We will return next week with another edition of the Weekly Breach Breakdown.