If you have a Nest security camera in your home, please make sure you have enabled two-step verification (2SV).
That way, even if you have made the cardinal sin of choosing a password for your Nest camera that you have previously used somewhere else on the internet, it will be much much harder for a hacker to hijack your camera and demand you subscribe to PewDiePie’s YouTube channel or put the fear of God in you that North Korea has launched a missile in your direction.
The current wave of hacks aren’t because of a software vulnerability on Nest’s internet-connected cameras, but instead because of the bug in users’ brains which means that they keep reusing the same passwords for multiple accounts and devices.
Password reuse is one of the most common mistakes made and also one of the riskiest things you can do the internet. You should have unique passwords for each account – and if you find it hard to remember them all (I can’t imagine how you *could* remember them all) you should use a decent password manager to do the job for you.
Oh, and if you’re not sure why some people are using hacking techniques to encourage people into following PewDiePie on YouTube, just listen to this recent episode of the “Smashing Security” podcast:
Smashing Security #109: 'Grinches target Amazon and Reddit, stealing Christmas from the poor'
Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...
Do you have a password manager that you recommend, Graham? I've tried LastPass but in 2018 I received no fewer than 30 notices that someone in eastern Europe was trying to log into my account.
Hi BK
You say someone has been spotted *trying* to get into your account, but not that they've actually managed it right? In which case, it doesn't sound like LastPass has done anything wrong other than (perhaps irritatingly in your eyes) notified you of a failed attempt to break into your account.
Presumably you have multi-factor authentication enabled for your LastPass account?
https://www.lastpass.com/multifactor-authentication
If not, I'd strongly recommend turning it on as it's an additional security measure for your password vault that will make it more secure. I believe multi-factor authentication doesn't come with free LastPass accounts, but – to be honest – with something as important as passwords, it's definitely worth the investment.
I don't use LastPass myself. Not because I don't have confidence in the product, but just that I've used 1Password for many years. Other products I hear good things about include Dashlane and BitWarden.