Netflix has announced that it will take action against users who share passwords outside of their household, sparking concern among many who share accounts with family, friends, and even adult children. The move is seen as a significant shift in the company’s stance since a tweet in 2017 proclaimed that “love is sharing a password.” However, the move has cybersecurity experts pointing out that the change is, in fact, a good thing, as it highlights the risks associated with password sharing and encourages account protection.
In a corporate blog post, Netflix emphasized that its accounts should only be used by individuals living together in a household, warning that accounts that violate this policy could face corrective action or removal. This move has sparked concerns, especially among those who share their accounts with their parents, budget-minded friends, and adult children.
But cybersecurity experts emphasize that this move by Netflix is consistent with standard cybersecurity best practices, offering a golden example of how consumer-oriented organizations can promote better account safety for their customers. “Even though this is a pure revenue play, the recent decision to crack down on password-sharing brings to light the significant security risks associated with this common practice,” says Craig Jones, Vice President of Security Operations at Ontinue.
Password-sharing is a common practice, but it can undermine security and control over who has access to an account, potentially leading to unauthorized access and account compromise. A password once shared can also be further distributed or changed, locking out the original user. If the shared password is used across multiple accounts, a malicious actor could gain access to all of them. In addition, sharing passwords can make users more susceptible to phishing and social engineering attacks.
Netflix’s move serves as a reminder for other consumer-facing businesses to educate their customers about these risks. Clear communication about the implications of password sharing is crucial. Companies should emphasize that the consequences can extend beyond the shared account to any other accounts using the same password.
By cracking down on password sharing, Netflix is setting a positive example for cybersecurity awareness. It may be a revenue play, but it could also help prevent account compromise and data breaches resulting from poor cybersecurity hygiene. By highlighting the dangers of password-sharing, Netflix will also encourage its competitors to follow suit, promoting better account protection for their customers.