As mentioned in a recent post, the technology we’re relying on to stay connected while adhering to social distancing guidelines may be contributing to our vulnerability. But whether you’re chatting on a video conferencing app or charging airline tickets to your travel credit card, there are built-in security weaknesses inherent to our online lives. I’m talking about passwords. They’re necessary, of course. And they’re ubiquitous. A 2017 study estimated that the average business user has nearly 200 of them. That’s why it’s a good idea to refresh our understanding of safe password hygiene.
A few simple rules to follow:
- Choose passwords that are difficult to guess and have nothing to do with your personal information. Don’t use your birthday or house number or any information that’s easy to gather to make up your passwords.
- Never share your passwords. Beyond matters of basic trust, you don’t know how the person you shared them is protecting them. Does your shared password reside on a mobile phone or a slip of paper kept in a wallet? Both of those things can be lost or stolen.
- Don’t re-use passwords. If one of your accounts is hacked, that leaves more them vulnerable.
- Enable two-factor authentication whenever you have the option to do so on a website or device. It takes a moment more to complete a log-in but it can save you years of headaches if your identity is stolen.
Another layer of safety you might want to consider is a Virtual Private Network (VPN). VPNs allow you to surf the web anonymously and encrypt any data you send across it. That means you can use public wi-fi networks, like the one at your favourite Costa, more securely. They can boost your download speed, increase your bandwidth, and let you take advantage of peer-to-peer sharing of films and other entertainment media.
Protecting your personal data through the use of password managers and a secure VPN are great first steps towards increased cybersecurity. But there's no such thing as absolute safety online. Identity thieves have long memories--which means they may have access to your old passwords. And thanks to all the data breaches that have occurred over the last decade, they also have your name, address, phone, email, date of birth, and other personal information. So they spoof your phone number, call your bank, and pretend to be you. They give all the correct identity information and then say that they've lost the device that had their current account password on it—but they remember their old password. And they persuade the customer service rep to change your password again. Now you are effectively locked out of your own account while the thieves vacuum out your money.
Does this mean that password managers, VPNs, and the like are a waste of time? Hardly. The above scenario requires a lot of work on the criminals' part. They'll be much more likely to go after a bank account that's secured with the same password you used back when you were on GeoCities and MySpace. Beefing up your cybersecurity practices now will tilt the odds of staying safe back in your favour.
Author Bio:Susan Doktor is a journalist and business strategist who hails from New York City. She writes, guest- and ghost-blogs on a wide range of topics including finance, technology, and government affairs.