With the most recent password breach at Yahoo barely a month since the LinkedIn password leak, it seems a regular occurrence now – is there anyone left who has NOT had a username/password breach?
The risk is that we start becoming calloused and maybe even comfortable with this, especially if you or someone you care about hasn’t had a direct consequence such as identity theft occur after a major security breach.
Our reaction should be the opposite. It should move us to action. These simple steps will make your account less vulnerable to being impersonated; your bank account less likely to get hacked and overall you will enjoy more peace of mind.
It’s important to note that these mass password breaches are not the most common way your credentials are hacked. The large breaches tend to covered by the media, but the topic of security of your credentials is a much broader topic.
Below are 5 easy steps to dramatically better security:
- Have a unique and strong password for each service. This way, if (or when) one of your favourite services has a password breach, you don’t need to be concerned about that password making you vulnerable in other accounts.
- Use a password manager like LastPass (with a strong password).
- Use OpenDNS to protect yourself from Phishing attacks. The goal of online criminals most commonly is to impersonate you and somehow profit from you. There are many different threats, including blended threats. OpenDNS protects from many of these.
- Use only up-to-date computers that are fully patched with latest updates and security protection. Many threats that succeed in compromising computers will use known weaknesses in order to compromise computers.
- Ask your bank for 2-factor authentication options. The jackpot for an online thief is to access your bank account. By requiring 2-factor authentication, it makes it significantly more difficult for anyone to break into your account. Some banks will send you an SMS to your mobile phone to confirm each online access or transaction. Others use number tumblers. We hope some banks will soon start offering One-Time Password (OTP) such as the Yubikey.
If any of this sounds too complicated, too techy, and you just want to get it done, never hesitate to ask us. We’re happy to help.