As the world of blogging continues to grow the popularity of content management systems like WordPress, Drupal, Joomla and many more grow as well. These systems on their own have become more robust and secure (considering). However what they cannot do is protect user when they chose to use weak passwords for their administration interfaces or for their connection to the content database. It is these weak links that hackers are now using in an attempt to incorporate personal (and in some cases professional) blogs into their botnets.

In 2012 there was more than 1 data breach per day and of these 365 plus breaches about 80% managed to get some sort of data. This is a pretty scary number when you think about it, but it actually pales by comparison to the number of personal accounts that are compromised due to poor security, weak passwords, and malware designed to steal passwords. So what do you do to help prevent this? A simple answer is to just not have any online accounts so there is no chance of getting your account compromised. However, we know that this is not really a viable solution so it is fortunate that many companies are finally turning to two-step authentication to help mitigate this type of attack.

Well, well, well Microsoft is catching up to companies like Google when it comes to attempting to secure user accounts. Although many of the steps they stated they were going to take are still in the development stage we are at least hearing that they will be implementing two-factor authentication (TFA) for their Microsoft Account Services. This move is behind Google and a few others that use either an app or a key token to generate a random number which is used to verify your identity. The move comes as many are criticizing Microsoft for making such a big push to the cloud.

As more and more user accounts are hacked, we still hear about systems that still allow for simple password hints, security questions, and even worse will not allow for complex passwords. We know of at least three banks that will not allow special characters in their passwords and limit them to 14 character maximums. This lack of foresight on the part of the people that are supposed to be protecting our data is shocking to say the least. Even with easy access to items like TFA (Two-Factor Authentication) we still hear about security breaches and account hacks on a daily basis. So what do you do if an online service does not provide any two-factor authentication? Most would say you are out of luck, but there is something that might help keep things a little more safe than just the stock password that you are required to drop into your accounts.  This is the Yubikey which provides something like a secure token that you can add to your online accounts to put in a little more protection.