Thursday, September 20, 2012

Teaming Up for Password Protection

     Computer hackers never take a break. There is always someone out there searching for your online information because in today’s world there is so much they can do with it. That is why so much attention is paid to making sure this information is protected. discusses  how the password management company, LastPass, and the company in charge of a large list hacked information known as PwnedList, have teamed up to fight internet identity thefts from happening. I think this is a great idea because these two companies are able to come together and do what they do best. Working together, they can protect passwords and notify users when information may have been compromised, so when there are possible username/password hacks, it can be put to an end immediately.
     What this company PwnedList does is it finds compromised log-in IDs and passwords that have been posted in public areas and notify the user that their info is out there. Then you can go into the website and type in your username and password that you are concerned about. They will notify you if it appears on their list, if it is then that means hackers may be able to find out your information. So many people do their banking online, pay their bills online, and have their credit card information sent to them through email or hooked up through their account. Many people fail to catch the fact that their log-in information was compromised, so the service LastPass and PwnedList can save people a lot of financial troubles.  
      Many people have concerns as to whether or not they can trust PwnedList with their information. Who is to say that if you go there and type in your username and password, they might just add it to their list and call it compromised even when it wasn’t? This was a big concern and to fix this, PwnedList enables user to enter their information using SHA-512 encryption. This is a security measure so that once you enter your information they won’t be able to find out what it was. Once you type in your information, you find out if it was on the list without ever directly giving them access to your information. They also do not store compromised passwords in their database, so if they are hacked companies who use this will still be safe. This way, there is very low risk, but a very high reward for possibly finding out that your accounts have been compromised.
     This system through PwnedList and LastPass is being enacted with many corporate accounts that companies use to protect private company information. They can pay to first check their domain and usernames with the PwnedList system, then as the PwnedList system is updated, if any of their credentials become compromised they will be notified. The list of compromised usernames have grown from 5 million last November to 24 million as of now, it is clear that more and more usernames are in trouble. If a company can protect their information from leaking, it could prove financially beneficial to subscribe to the LastPass system. While the cost may reach into the five-figures for companies, to have all of their information secure would be worth it.  



  1. This Article gives hope for online shoppers, online bankers, and anyone else who uses the internet for personal information. PwnedList and LastPass are on their way to helping eradicate the “hackers”. In this day and age many people rely on the internet and are putting themselves at risk when typing in their personal information into public websites. Innocent people are still willing to take part in this risk because they want things done fast and efficiently. The internet is the best way to get things done. It seems to me that companies like PwnedList and LastPass are seriously on their way to making a big internet security break through. Since these companies are using the security system called SHA-512 encryption, once you enter your information the bad guys allegedly won’t be able to see what it was you entered, thus no ability to be hacked. This commitment to the new encryption solution makes PwnedList and LastPass more credible than other firms. I think this could really be a legitimate way to put the “hackers” to sleep for a while.

  2. I think this article is beneficial to many readers. People need to be aware of their resources in order to take preventive actions. LastPass and PwnedList will not only create hope about the reduction of identity theft  for many people, but also for many large corporations. People should make it a habit to  check PwnedList often. The more on top of identity theft that you are, the less damage that can be done. 
                Identity theft is often your own fault. People now a day give away their private information too freely. This is mentioned with people’s credit card information being directly hooked to amazon as well as online banking. Once the hacker gets into your amazon account they have access to your credit card information.
    I believe that banking from your iphone is a way to reduce identity theft. There is a location tracker on your iphone so this is a form of authentication. Your phone has the ability to use GPS to track the exact spot that you are, at that very moment in time. If you have credit charges from another country, that is a red flag to your credit card company that it may be fraud. This tracking feature is a trait that PC’s are currently without, making identity theft easier. Smart phones are so advanced with different security apps which could be set so that locations that have higher risk for fraudulent activities will need more steps in the authentication process. Peoples phones are often glued to their hip, which is a positive for fraud purposes. Since they are constantly by our side we have constant tabs on our different accounts.
    Although smart phones do have positives, they also have downfalls. They very fact that people always carry their iphone with them can increase their risk of loosing their phone with all their personal information on it. Another downfall to banking with smart phones is, in the case that the phone is stolen, it is much easier to get access to all the personal information on it, compared to retrieving all information on a PC.
    I believe that a step in the right direction to lower identity theft would be to use mobile banking. You have no excuse not to be checking your accounts daily since you have your phone right at your finger tips. People should enable their smart phone banking to send alerts to their phone regarding security purposes, this way the investigation could be done at a moments notice. Everyone should download security apps to their smart phone as a preventive action to reduce identity theft.