Amid the continuing saga of password management comes this sweet article that really frosts me. It seems that Dunkin Donuts suffered a recent breach where attackers focused on its reward program (DD Perks) data. Dunkin stated that user names and passwords were obtained in a breach from another attack and were then used to test their DD Perks database.
In their public statement, Dunkin mentioned that they were unaware
Either pure laziness or a genuine lack of internet security education were reasons for this breach. Both of these can be incredibly dangerous, as was the case with this Dunkin breach.
Avoid Similar or Common Passwords
The hackers obtained usernames and common passwords from a previous breach on a completely different site. They stored them and began hitting multiple sites with an account checker, hoping that they would catch a member using the same login and popular password on a different site (DD Perks, in this case). People who used the same email address and common passwords for multiple sites were the reason for this breach.
Homer Simpson loves donuts, so he signs up for a DD Perks account. Unfortunately, his email () and password (
Mistakes like the one Homer made affect more than just him. As a business owner or leader, this can have scary implications
Break the Mold
So, what do you do as an individual? What can you tell your employees about passwords so that they aren’t bringing you unnecessary or added vulnerabilities?
Password management and creation can be overwhelming. With a million passwords for all the stuff you need to keep track of, it can feel more like a chore than a necessary part of keeping your data safe. However, there are certainly ways where you can switch up the passwords you’re using in a memorable way, while storing them somewhere that’s not easily accessible for people who’d like to steal your information.
Here are some password tips and tricks to help you tackle this issue.
Give your employees training on ways that they can better protect themselves and your business by contacting FRSecure.