Look, let’s go honest. Sharing passwords is as endemic to the Netflix experience as it is to canceling your favorite show for two seasons. Therefore, when the transmission service begins to try ways to reduce this practice, it is understandable that the many, many people who have come to expect community accounts naturally pile up. And yes, it’s always annoying when a train of sauce gets off the rails. But even if Netflix isn’t the top priority here, it’s much better that you keep your password.
The limited trial Netflix introduced this week is basically a form of two-factor authentication, the kind we hope you have in most of your online accounts. Some users have started to see the following request when they are satisfied with a problem: “If you do not live with the owner of this account, you need your own account to continue viewing it.” Below is an option to receive an email or text message to the account owner, which you can enter to continue viewing.
“We are still learning. We are definitely in the early stages, “said a source familiar with the trial. “The intention is not to apply it, right now, it is to learn how we verify the information so that we can balance the scales of security issues that may arise from unauthorized sharing.”
Yes, security issues. And while Netflix’s flirtation with password-cracking repression isn’t nearly altruistic, it’s not that anyone has read the terms of service, but it does specify that your account “can’t be shared with people outside from your home “, it is also true that sharing usernames and passwords, even with your closest relationships, can have negative consequences.
“There seems to be a misunderstanding that sharing passwords with acquaintances is not dangerous,” says Jake Moore, a cybersecurity specialist at security firm ESET. “The truth is we shouldn’t share passwords and adding multifactor authentication will help make this process better protected.”
Okay, but why? What is the real harm if I pass my password to a cousin or a not-so-casual acquaintance? It can come in some forms. The basics are also the most harmless: although you can share your login with a single friend, you can’t control how many people share it with and how many people share it, among others. , as an old Faberge ad. When WIRED senior writer Lily Hay Newman audited the Hulu account she herself had a few years ago, she found more than 90 authorized devices.
It is true that autoloaders primarily threaten the cohesion of your recommendation lists. It is not the end of the world. But they could also steal any personal data that contains your profile.
The much bigger problem is that the larger the circle of passwords, the more risk you will personally assume that your password will be compromised. And considering how often people reuse passwords on various sites and services, that means your exposure can go far beyond Netflix.
“Because I shared my password with you and you were hacked, this criminal now has my password,” says Steve Ragan, a researcher at Internet infrastructure company Akamai. “And if I’ve used that password anywhere else on the Internet, the criminal will find it and also have access to it. It spreads. It’s a complex issue.”
The practice of throwing a bunch of loose usernames and passwords at various services to see what stocks are known as credential padding and has especially affected the media industry in recent years. Between January 2018 and December 2019, credential-filled attacks targeting video services doubled, according to Akamai’s research. The media industry as a whole experienced 18 billion attempts during this same stretch. When Disney + was released, thousands of accounts immediately appeared in the dark web markets as hackers sniffed users who used the password. “In the short term, what will stop is the massive sale of credentials of this kind,” Ragan says.