Like our last post in the series of password posts, this article will share more tips on how to make sure you create and use passwords that will stand up to the tricks of cybercriminals.
Multi-factor authentication requires your password, but then requires one or even more additional factors of information. A common second factor authentication is when a site sends a message to your phone or your email with a code each time you login. Some more sophisticated systems use fingerprints, facial recognition, or retina scans. The option for multi-factor authentication is usually in the account settings or security settings of the account you are using.
Secret Questions and Answers
Many accounts want to help you if you forget your password. When you set up your account, they have you answer secret questions that they can ask you to verify your identity in the case you have forgotten the password. However, many of these secret questions offered are not really a secret. Anyone can google you and find out where you went to school or where you born. One great tip is to make up an answer! Nothing says your secret answers must be true. You can make up a fictitious school you went to or say you lived somewhere that you really have never lived. Just be sure to remember the answer you made up!
Many websites and services will offer you the ability to sign into your account using your credentials from your social media or email accounts. Again, this is convenient and gives you access without creating a new account. Unfortunately, this approach is the same as using the same password for several accounts and is never a good idea. In addition, when we link accounts in this way, we are allowing the accounts to see the information from one another. For example, if you use Facebook to login to a shopping site, then the shopping site may get access to your personal information within your Facebook account and Facebook may have access to your credit card information which it may not have had otherwise.
Never allow browsers to remember your passwords. It is very convenient and makes it easy for you to access your accounts, but it also makes it easy for another user on your computer to access your accounts and have access to all the personal information those accounts contain. If you are looking for the same convenience, you might consider using a password manager instead.
Be aware of free accounts. There are many services out there that are free to use if you set up a free account. This is a convenience, but it may also be a risk. Remember the saying “If a service is free, your personal information is often the price.” These sites do not always have adequate protection to keep your information safe. If you are visiting a site that you will not be using regularly, look to see if there is a guest option rather than creating an account.
When you choose to create an account with a company, you will want to be sure you know the company. Check with the Better Business Bureau. Do a google search to see if there are complaints. Read the “ABOUT” section on their web site to find out who they are and what they represent. Finally, research to find out if they sell any of your personal information to outside companies. Some free services can offer their services for free because they make money from other companies by sharing your personal information with them.
Our devices are smart. Sometimes they are too smart! Many devices, if you do not actively log off an account, will keep you logged on for the next time you visit the site. This is convenient, but if someone else comes along after you to use the same device, they may have this access as well. If your device is missing or stolen, then someone may have access to your information.
Pay attention to the information you post on social media. Cybercriminals use this information to predict your passwords. For example, anyone on Social media has likely seen the fun quizzes and templates asking you to talk about your first car, your favorite food, the number one song on your 14th birthday. While these games seem harmless and they’re certainly fun to post, they’re an open template for security questions and account access verification answers.
Consider creating a separate email that you use only for online shopping and account creation. Save your main email address for true communication. You can protect your private conversations. All the advertisements and spam will be sent to the alternate email. Any hackers that breech the security of a site you shop with or have another account with will have access only to this second email address and not to your main email.
Are your company’s passwords secure? Catapult Tech Solutions can help, you be sure! Be sure you look for our other posts about safe passwords!
Are you on Facebook? We are, too. Let’s be friends!