The Information Security of Enterprise Social Network Platform. The “Taipei Sports Bar” Facebook page set up by the Taipei City Sports Bureau was stolen on February 7 this year. That page was stolen and been published a number of pornographic video content and links from pornographic websites. So that page shutdown emergency shutdown after being stolen. However, this information security failure has also been circulated on the social network platform, and there are many domestic media reported this accident.
The Information Security of Social Network Platform
According to media reports, this page is operated and outsourced by the Taipei Sports Bureau. But after the administrator account and password of that page are stolen. The hacker deletes the original administrator account, and then publishes an indecent link from the pornographic website. More importantly, after this incident, the Taipei City Sports Bureau and outsourced business operators have no authority to deal with the matter. They can only report Facebook to close that page and call the police to deal with subsequent things.
Although the popularity of the social platform is currently the most popular way for corporate marketing or product promotion, the password security of the account now seems to be a concern for enterprise information security. It can said that the biggest loophole in information security still occurs in human factors, and the leak password strength is the most terrible problem for the enterprise information security.
Nowadays, the community website or mobile APP usually require us to login and verify the password before using it. And there are some basic rules for the passwords. Taking Windows as an example, it requirements are:
- Password length should at least 8 characters
- At least three combinations of the following characters: uppercase letters, lowercase letters, numbers and symbols (punctuation marks)
- Do not include user login name in the password
These rules for setting passwords are for hackers who want to invade your computer. Don’t include usernames, or birthdays and phone numbers, because these are the most commonly used passwords, and the passwords that hackers will guess first. These passwords almost have no password strength. So, these settings make sense for your information security.
Does your account often being stolen? Or does your Facebook page often being used to post shopping information!
Does your Yahoo accounts often being stolen? Even after changing the password, it was being hacked! Have you thought about the reason?
These are opportunities for account hacking, but we have always overlooked whether the password strength is strong enough! So what can we do?
Information Security – Google Password Manager
In early 2019, Google launched the Password Checkup tool, which uses Chrome to install additional extensions to monitor the password security of users in real time. That is, when the password you use is leaked or disclosed, that plug-in will pop up a warning notice and ask the user to reset the password. Google also announced that it will build the Google Chrome browser for password checking in 2020.
Google brings a new “google password manager” feature that can check whether a user’s password stored in a Google account is safe or not. Whether there is a leak, repeated user passwords or insufficient password strength, etc. It also can remind users to reset their passwords. Although passwords are no longer the most secure and reliable way for protection. So most online services support “two-phase authentication” for more protection. If you can enable this function as much as possible, you can protect the password for an extra layer.
