Editorial comment
Writing as someone who fails to recall any password she has ever set, I’ve always been pleased with a website that autofills forms, uses facial recognition or gives a password hint (anything to jog my memory to remember that crucial combination of letters, numbers, capital letters and symbols). The concept of a password management system does appeal to me but I have never committed to using one. If you’re not familiar with them, password management systems comprise a web browser extension that stores all of your passwords in a sort of digital vault. You set a master password (there is still one to remember) and then bask in the security of strong encryption algorithms, local-only encryption, and multi-factor authentication.
Register for free »
Get started now for absolutely FREE, no credit card required.
But, in late December 2022, one of those password management systems was hacked and the consequences could be very serious. All 30 million LastPass users are at risk, as hackers now have a copy of each user’s entire password vault.
The December hack (thought to have been made possible by an earlier, unpublicised, security breach in August) stole billing and email addresses, end user names, telephone numbers, IP address information, and a host of customer vault data (unencrypted data such as website URLs, website usernames and passwords, secure notes, and form-filled data). One news report put it like this: “Hackers now have a copy of your entire password vault. Should they manage to crack your master password, they can take over your online life. That means full access to your emails, bank accounts, healthcare data, tax information, social media accounts – you name it.”1
LastPass claims that cracking those master passwords will be difficult and time-consuming for the hackers, especially if the master passwords were created using the company’s recommended best practices (according to their website, a good example of a master password is pronounceable and memorable, but not easily guessed, like ‘Fidoate!my2woolsox’). LastPass customers have been advised to reset important passwords for online accounts such as banking, taxes, credit cards, retirement accounts and so on.
It’s every password or data-averse person’s nightmare: you take the leap and trust a system to consolidate your data safely and securely, and it fails.
On p.20 of this issue of World Pipelines, Cognite discusses how streamlining industrial data can empower decision making for oil and gas operations. In a discussion of freeing locked down data: Cognite encourages the “optimisation and contextualisation” of operational data, to ensure pipelines are being run at maximum efficiency and safety. The article makes a case for structuring an organisation’s data so that there aren’t too many disparate systems at work, which often compete for attention and deliver siloes of data that can’t be combined. Read the article to be convinced of how collecting and collating data in one place can provide a strong, secure basis for operational excellence and the rollout of future technologies.