Zombie passwords and security breaches go hand-in-hand, security expert says

Death and taxes may be two certainties in life, but New York author Adam K. Levin says you can add a third certainty – security breaches online.

And the source is often zombie passwords – passwords that never die and can come back to haunt you.

Levin, the former director of the New Jersey Division of Consumer Affairs and author of the book “Swiped”, says to make your passwords long and strong, never click on a link in an email, use two party authentication and lie on those security questions.

Yes, he said lie.

Levin says good password management can prevent you from becoming a victim of identity theft.

“People have a tendency to use simple passwords like “password” or 1234567 and then what they do is share them across the entire universe of websites,”Levin said during an online interview. “You’re living in a perfect storm and this perfect storm is dedicated to one thing only — to knowing as much as it about who you are, what you do, where you go — and many of these people want this information to take advantage of you.”

Levin said using real names on those security questions opens people up to having thieves find those answers on social media.

“Your mother’s maiden name doesn’t have to be your mother’s real maiden name,” Levin said.”Your dog’s name doesn’t’ have to be the name of your real dog, your high school mascot could be different. The only issue here is that if you’re going to lie to the questions, just make sure that you remember what the answer is.”

Levin says in addition to lying on those security questions, definitely buy in to websites that require two-party authentication.

Two factor authentication is when you log into a website and it doesn’t recognize the device you are using or it has a strict policy that requires that every time you log into the website it requires two party authentication,” Levin said.

“What it will do then is send a code back to a trusted device which in most cases would be your cellphone,” Levin said. “And you have to enter the code before you’re allowed to continue.”

And the threat is not just identity theft, Levin explained. There is also new account identity theft, medical identity theft, criminal identity theft and child identity theft.

“All these different things are getting worse especially tax identity theft – billions of dollars are being drained from the treasury of the US and states,” he said.


. . . . . . . .

Leave a Reply