The streaming giant is looking to bolster flagging subscription growth and profits, but security researchers say the move offers a perfect opportunity to encourage better password hygiene and account safety.


Netflix made waves this week after announcing that it would start the process of squelching password-sharing with people outside of one's specific household. While the news sparked dismay for the many who offer their parents, budget-minded friends, and adult children access to their Netflix streaming accounts, security experts note the move offers account protection upsides.

In a Netflix corporate blog post, the streaming giant specifically called out those instances where the same set of credentials is used routinely at separate home addresses: "Your Netflix account is for you and the people you live with — your household." It then warned that it would boot offending accounts or take other action to ensure that each household is paying for its own subscription.

Many noted that this anti-sharing stance is an about-face for the company, given that in 2017 it tweeted, "Love is sharing a password." But consecutive quarters of underwhelming profit growth do tend to spur changes at public companies, and it's clear that Netflix is not immune to shareholder pressure as subscription growth has stagnated.

Hidden Cybersecurity Lesson in Netflix's Password Crackdown

While the story may be primarily a business tale, security researchers note that the company is actually coming in line with cybersecurity best practices, offering a golden example of how business-to-consumer (B2C) organizations can foster better account safety among their customers.

"Even though this is a pure revenue play, the recent decision to crack down on password-sharing brings to light the significant security risks associated with this common practice," says Craig Jones, vice president of security operations at Ontinue, noting that there are a number of risks associated with password-sharing:

  • Sharing a password undermines control over who has access to an account, potentially leading to a greater risk of unauthorized use and account compromise;

  • Once shared, a password can be further distributed or changed, locking out the original user;

  • Worse yet, if the shared password is used across multiple accounts, a malicious actor could gain access to all of them;

  • And sharing passwords can also make users more susceptible to phishing and social engineering attacks.

"Netflix's initiative serves as a reminder for other consumer-facing businesses to educate their customers about these risks," Jones says. "Clear communication about the implications of password sharing is crucial. Companies should emphasize that the consequences can extend beyond the shared account to any other accounts using the same password."

About the Author(s)

Tara Seals, Managing Editor, News, Dark Reading

Tara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas. A Texas native, she holds a B.A. from Columbia University, lives in Western Massachusetts with her family and is on a never-ending quest for good Mexican food in the Northeast.
