By Savvy Cyber Kids April 7, 2020
Passwords. We all have them, and we all hate coming up and keeping track of them. Why?
We are busily trying to complete our daily list of to-do items as efficiently as possible. Yet, every time we want to read an article that affects our industries or us individually, we have to enter a user id, typically an email address and a password, just to read the latest happenings. Want to make a change to your retirement plan or place a personal trade? Enter your username and password. Need to run payroll for your employees or send a check to a friend? Enter your username and password.
When we take a step back it becomes clear why most people use the same password for as many accounts as they can AND they are typically easy to guess. The top 10 passwords used in 2019 were:
See, I told you I knew your password.
Hopefully, your password is not on this list, but you can check to see if the password (or passwords) you use has been compromised and should be changed immediately. You can do that by visiting this site and typing in your email address. Once you do, you will see a list of companies where your username AND password has been compromised and is now publicly known (ye, this is a legitimate site). If you see a company on the list, it’s time to go and change your password. Then, go change your password on every account where you used that same password.
But how will you remember all these new, complex, and different passwords? You can use one of the many password-safe tools that are available. Stick with one of the more reputable ones:
Now that you have gotten yourself back to a good starting place with your not easily guessable passwords and you are no longer using one that has been compromised during the hack of a company, it is time to take the next step. It is time to enable strong authentication on all your accounts that really matter. These are the accounts that run your business or your life. Think about what would happen if someone logged into your account. What damage could they do? For those sensitive accounts, go into your profile or settings and turn on strong authentication.
There are typically two methods companies use to provide you this secure login service. The most common, and least secure of the two, is by texting or emailing you a code that you enter. The better option to use if it is offered is an authenticator app (they are free to download to your phone).
Some companies are starting to use alternative authentication methods to prove you are who you claim to be. One method used behind the scene for many financial institutions is identifying the device, web browser, and IP address you are using. Some will even let you know they detected your device in a new location and ask if you are traveling to confirm it is really you trying to access customer or personal sensitive information.
No one wants their company account or their personal account drained of funds or sensitive information stolen and released to the world, so it is up to you to take this next step and secure your accounts with strong authentication.
Savvy Cyber Kids
See all posts from Savvy Cyber Kids.