Remote PC/Mac desktop tool GoToMyPC has forced all customers to reset their password after it suffered a “sophisticated password attack”.
A security notice posted on its website read:
Dear Valued Customer,
Unfortunately, the GoToMYPC service has been targeted by a very sophisticated password attack. To protect you, the security team recommended that we reset all customer passwords immediately.
The notice provides instructions on how customers can reset their accounts. However, what’s missing are details about what has actually happened. It’s not clear whether customers’ email addresses and passwords, or more, were stolen.
Also, I’m keen to know what a “sophisticated password attack” is.
While I’m disappointed in the lack of details, I’ll happily pat them on the back for suggesting that customers enable two-factor authentication on their account.
Two-factor authentication makes it far more difficult for unauthorized persons to get into an online account because it requires more than just a password to login.
Security consultant Mark Stanislav recently wrote a book on two-factor authentication, suitably named Two-Factor Authentication.
If your organization wants to offer its customers better protection, then I highly suggest that you read this book.