Spotify Plays it Safe With Password Resets
In light of the recent spat of data breaches leading to login credentials from accounts for Myspace, Dropbox, and other online services, Spotify has taken measures to preserve their user security–despite not being victimized in a recent attack.
Many users of the music streaming service received a message informing them of the need to change their password. This was because Spotify had disabled their previous password credentials in order to protect their accounts from attack after analyzing the publicly-available password dumps from other recent hacks and cross-referencing those lists with their own compilation of user credentials. Anyone with a match was contacted with a link to reset their password, after Spotify had already changed it on their behalf.
While the actions of Spotify are commendable, it is important to remember that it is not every day that a company will go to such lengths to preserve the online security of its users, despite more and more companies implementing similar strategies as Spotify when news breaks of a breach. Safely protected from liability by disclaimers and terms of service, many (if not most) online services place any accountability for responsible password habits on their users.
As a result, it is imperative that you follow a few basic guidelines when selecting passwords for your own online profiles and accounts.
First and foremost, utilizing a unique password for each online account is the simplest method of keeping all of your accounts from being compromised due to a single website being hacked. After all, if your credentials are unique to each website, a hacker won’t be able to use what they stole from one to access another.
It’s also advisable to avoid using easily-guessed combinations or phrases. Using “password” is a cardinal sin of online security. The best passwords use random, case-sensitive combinations of letters, numbers and symbols (if possible).
By following these basic rules, you can be sure that–if an online account of yours is infiltrated–any others of yours will be secured.
For more tech tips, news, and tricks, be sure to keep checking back on the Resolve I.T. blog!