Facebook had a significant data breach which has been in the news lately, but it is far from the only one. 2021 has already been a year rife with events which compromised user data, from the chain store Kroger to the California DMV. It seems that increasingly users are most at risk for compromise and identity theft, not from what is typically thought of as risky behavior, but from hacking attacks that pull massive amounts of data from corporate and government databases. So, what can you do to keep yourself safe in light of these risks? Here are some best practices:
Have U Been Pwned?
One great resource for people endeavoring to keep their information secure is haveibeenpwned.com a website which monitors hacker boards and dark web sites for dumps of information associated with major breaches. Just go to the website and enter your username or email address—the site will inform you whether your account has been affected by major breaches and give you some details about what types of data might be affected. Needless to say, if any of your accounts have been compromised, you should change your password to something unique and complex, immediately.
Shopping Online? Check Every Day.
One piece of advice we often relay to people asking about online security is that if you do any online shopping at all, you should check your accounts every day for any sign of fraud. Using a dedicated credit card for online shopping is also recommended since fraud protection tends to be stronger for credit cards than debit cards. If websites give you the option not to save your billing information—take it. It may be a little less convenient, but if your billing information is not saved on a third party’s servers, it might be safer from breaches.
Use 2FA Today
One of the best things you can do to secure your accounts is to use 2 factor (also known as multi-factor) authentication. This means every time you sign into your account, you’ll have to confirm the login using a second device, typically your cell phone. This makes gaining access to your accounts much harder, even if a hacker or cyber-criminal obtains your password and username. If you are getting security notifications for login attempts you did not initiate, you should still change your password, even if you have 2FA on.
Don’t Use Duplicate Passwords
As the number of accounts we must maintain creeps into the dozens, it can be tempting to simply use one or two passwords across multiple different accounts. The problem with this is if one of your primary email accounts is affected by a data breach and your email and password are leaked, scammers will attempt to use that email and password to gain access to as many other common services as possible. Using unique passwords for each accounts will slow down such intrusions. If this sounds like a lot to handle, you might consider using a password management app like LastPass, Dashlane or 1Password. These use a single login for you to access your accounts from your end, while automatically and regularly cycling randomly generated complex passwords on the websites you are accessing.
Our increasingly digital and online lives sometimes put us in greater jeopardy for fraud and identity theft, but a little bit of caution can go a long way in protecting yourself from the fallout of data breaches. If you have questions about staying secure in an online world, give us a call at Mankato Computer Technology.