Browsers, websites, anti-virus programs. They all want us to accept, they know what’s best for us. Sure, there are some out here, that can benefit from some help to keep them safe online, but the majority of users today, know the dangers of clicking on links sent by email, or on social media.
First, they came out with “safe web surfing, big name virus companies scanned the web looking for websites with malicious items. That is great, in a way. Except scanners aren’t that smart. If something was detected on your site, you were immediately placed on a list as dangerous. Bad thing is, if it;s a false positive detection, it can take months to be removed from that list. If you’re a business that had a malfunctioning credit card link, you lost a lot of business while you fought to get off the list.
Certification
Next they decided SSL (a form of encrypting your data) was the way to go, turns out, it was full of holes itself. Then came HTTPS which shows you are encrypted and verified by a certificate. This was forced on everyone. Very soon, they possibly stop you from connecting to a site, just because it has images from a site that runs only HTTP (because the site can’t afford a certificate).
Then came the breaches of databases, actually these have happened for years, the last few years they are reported more, due to liability to customers. So we now come to browsers, and some sites that you have to sign in to, telling us whether our password is strong enough. They are about to go one step further, and not allow you to sign in if your password has been found in a breach, forcing you to make a new password. When you start to set a password, the site checks a HUGE database of passwords from all past breaches, to see if it is found in a breach somewhere.
Now, while I am all for being safe. Some of this seems to be knee-jerk responses. Overkill, comes to mind. You can’t protect everyone, by trying to protect the minority of users, you place more burden on others. Not to mention, if that massive database of passwords, was ever breached. Well, you can picture that. There is a saying in IT security. Nothing is truly secure, from a hacker with the proper skill set.
Want to check your password to see if it has been used?
Click Have I Been Pwned to find out.
Comments welcome,