How To Avoid Leaking Sensitive Photos
Stories are breaking on sites like Fstoppers and Brandsmash about private Boudoir photos that appeared on a creepy voyeur forum. It’s hard to imagine a more humiliating nightmare for a photographer or their clients.
Photos came from several sites, including SmugMug, and we paid extreme attention over the last two days to how it happened. We tried to take some comfort in observing that in every instance, it came down to passwords that were guessable in just a few tries.
The question for us was what could we do that we weren’t already? Over the past year, we’ve done considerable work around this problem, but yesterday we decided to expose some of the alerts our systems generate to our customers.
When our systems see several password attempts on a gallery or folder, they now send an email to the owner of the SmugMug site. It identifies the gallery, gives the first few digits of each password attempt with asterisks for the rest (bou***), and adds info like time of day and geographic location the request may be coming from.
Today our Support Heroes are receiving thank-yous from people whose family members couldn’t get in because they left the caps lock key on or forgot some aspect of the password “it’s a cap O (oh), not a 0 (zero)”.
And we read two help tickets from photographers who discovered that their boudoir galleries had password guessers. Fortunately, they had long passwords that were too hard to guess, but they are still making changes like removing the word Boudoir from the title, and making the gallery Unlisted so only people who obtain the link can know of its existence.
One of the security upgrades that came with New SmugMug is we don’t store passwords in a form that could leak in any way, including a systems breach, a bug, or a disgruntled employee. We use an industrial grade, Cryptographic hash function.
The breaking stories are about Boudoir photos, but we host incredibly sensitive photos (all cloud services do) of unannounced products and even, we remember, photos of an upcoming TIME Person of the Year.
1. Set a good gallery password before uploading photos!
2. Set galleries and folders to Unlisted. Unlisted means means no one can see them unless they have somehow been given a link. They cannot guess the link because it has a random string added to its URL. The combination of strong password + Unlisted is extremely secure.
You can learn more about how to protect your SmugMug galleries here.
We hope this helps, and thanks for being part of the SmugMug family!
Chris & Don MacAskill