Ep6: Securing Your Online Accounts

: 00:00:00

Welcome back to another edition of Byte Sized Security, the podcast

: 00:00:03

sharing bite-sized cybersecurity lessons.

: 00:00:05

With new account breaches happening constantly, it's clear that relying on

: 00:00:09

weak, reused passwords alone is no longer enough to protect our digital lives.

: 00:00:13

That's why in this episode, I'll be diving deep on best practices for

: 00:00:16

securing your critical online accounts.

: 00:00:18

I'll explore the elements of strong passwords, using unique

: 00:00:21

passwords for each account, proper password storage, and cutting-edge

: 00:00:25

authentication methods beyond passwords.

: 00:00:27

I'll also provide tips on monitoring account activity, handling breaches,

: 00:00:31

and overall account hygiene habits.

: 00:00:33

If you want to lock down your online accounts to reduce your risk of

: 00:00:35

cybercrime, phishing, and identity theft, this episode is for you.

: 00:00:39

Your online accounts are the gateway to your digital life, containing everything

: 00:00:42

from financial data to personal communications to identity information.

: 00:00:46

That's why the accounts themselves, and the ways you secure them, should

: 00:00:49

be one of your top priorities for boosting your cyber protection.

: 00:00:52

I'll start with some key tips for creating strong, unique passwords

: 00:00:55

for every account, since your password is still typically the

: 00:00:58

first line of defense preventing intruders from accessing an account.

: 00:01:02

First, length matters when it comes to security.

: 00:01:04

Use passwords of at least 12 to 14 characters, or ideally even longer

: 00:01:08

passphrases of 20+ characters.

: 00:01:10

Longer passwords are exponentially harder for hackers to crack.

: 00:01:13

Include a random mix of uppercase and lowercase letters,

: 00:01:16

numbers, and special symbols.

: 00:01:18

Avoid dictionary words or personal info that could be uncovered.

: 00:01:21

And definitely don't use the same password across multiple accounts, as breaches

: 00:01:25

often compromise passwords to many sites.

: 00:01:27

Ethan, can you explain the concept of password re-use?

Ethan: 00:01:30

Sure Marc.

Ethan: 00:01:31

You know that e-mail password you do not care if somebody knows

Ethan: 00:01:34

because it's just for spam e-mail?

Ethan: 00:01:35

Well did you use that password on a site you do care about?

Ethan: 00:01:38

Password re-use is how one site's password gets compromised and that's input into a

Ethan: 00:01:43

program that tries that email and password combination on thousands of websites.

Ethan: 00:01:47

Next thing you know, somebody is getting free Uber rides on your account.

: 00:01:50

To aid in remembering complex unique passwords, use passphrases

: 00:01:54

- long passwords built from multiple words, like "CrazyCat&HatFly4Ever".

: 00:01:58

This makes it easier to recall but still secure against guessing.

: 00:02:01

You can also use a password manager app like 1Password or Bitwarden to

: 00:02:05

securely generate and store strong, randomized passwords for each account

: 00:02:09

rather than manually creating them.

: 00:02:11

Just be sure to use a very strong master password for the manager itself.

: 00:02:14

Now let's discuss multi-factor authentication, which adds

: 00:02:17

a second layer of identity verification beyond just a password.

: 00:02:21

Options include SMS codes, authenticator apps, security keys, or biometrics

: 00:02:25

like fingerprint or facial recognition.

: 00:02:27

In case you missed it, Episode 2 of Byte Sized Security named, "Securing

: 00:02:31

logins with two-factor authentication," covered this topic in depth.

: 00:02:35

Multi-factor authentication blocks access to accounts even

: 00:02:38

if the password is compromised.

: 00:02:40

So it's absolutely critical to enable on any sensitive logins, especially email,

: 00:02:44

financial services, cryptocurrency, and accounts storing personal information.

: 00:02:48

Authenticator apps that generate 6-digit time-based one-time codes

: 00:02:52

are generally the most secure and convenient multi-factor method.

: 00:02:55

Though security keys you physically plug in provide the strongest protection.

: 00:02:59

Enable multiple factors on as many logins as you can.

: 00:03:02

Of course, you'll want to store any backup codes needed for multi-factor recovery in

: 00:03:05

a very secure place, not on your computer.

: 00:03:08

And take care not to have your primary and secondary factors ever compromised

: 00:03:11

together, or that defeats M F A's purpose.

: 00:03:14

A cybercriminal needs to only circumvent your weakest

: 00:03:16

security layer to gain access.

: 00:03:18

One potential drawback of physical hardware tokens is

: 00:03:21

some compatibility Issues.

: 00:03:22

Not all online services support hardware tokens, so you might still

: 00:03:26

have to rely on other 2 Factor Authentication methods for some accounts.

: 00:03:29

But hardware tokens do offer enhanced security.

: 00:03:32

Hardware tokens are immune to many common attacks such as phishing,

: 00:03:35

man-in-the-middle, and replay attacks.

: 00:03:37

Since the token is a physical device, attackers cannot easily duplicate or

: 00:03:40

intercept the authentication code.

: 00:03:42

While hardware authentication tokens offer robust security benefits, they

: 00:03:46

come with their own set of challenges.

: 00:03:48

The decision to use them should be based on individual needs, the

: 00:03:51

value of the data or accounts being protected, and personal preferences.

: 00:03:55

There is a link in the show notes to how to figure out

: 00:03:57

your own personal threat model.

: 00:03:58

For your most high-value accounts like banks or crypto currency

: 00:04:01

exchanges, explore any advanced authentication options offered

: 00:04:05

beyond standard multi-factor.

: 00:04:06

For example, some financial institutions allow using biometrics or video selfie

: 00:04:11

verification when accessing accounts, adding further identity proofing.

: 00:04:15

And there is the concept of Passwordless logins which eliminate the need

: 00:04:18

for users to enter a password.

: 00:04:20

Instead, they rely on something the user has like a mobile device or

: 00:04:23

something the user is like a fingerprint.

: 00:04:25

Solutions like 1Password offer this by sending a secure link to

: 00:04:28

a registered email or device, or using biometric authentication.

: 00:04:32

But it may not be accepted on every site where 2 factor

: 00:04:35

authentication is more standard.

: 00:04:37

In either case, you will probably need a trusted device to authorized

: 00:04:40

the request like your phone.

: 00:04:41

Using an authenticator app is just as easy and familiar and serves a similar purpose.

: 00:04:45

Most authenticator apps like Authy, will allow you to set a different

: 00:04:48

PIN or use biometrics to open the app to use the 6 digit code

: 00:04:52

being asked for enhanced security.

: 00:04:54

So even if somebody has your phone and it is unlocked, they would still

: 00:04:56

need a PIN or biometrics to open the authenticator app to get the code.

: 00:05:00

Now I'll touch on a few other important account security habits

: 00:05:03

beyond your login credentials:

: 00:05:05

Carefully monitor account activity for any unauthorized

: 00:05:07

access attempts, transactions, or changes to account details.

: 00:05:11

Many services let you set up alerts for suspicious activity.

: 00:05:14

Be cautious of third-party apps and sites requiring your login credentials.

: 00:05:18

Only provide to reputable services, not random websites.

: 00:05:21

And revoke access once no longer needed.

: 00:05:23

When available, enable the highest account security settings, like fraud monitoring,

: 00:05:27

restricting account access locations, and mandatory strong authentication.

: 00:05:32

If you do have an account compromised, respond quickly.

: 00:05:34

Change your password immediately and enable Multi Factor

: 00:05:37

Authentication if not already on.

: 00:05:39

Contact the company to secure the account and assess damage.

: 00:05:42

Scan devices for malware.

: 00:05:44

And place fraud alerts with credit bureaus if personal data was exposed.

: 00:05:47

Lastly, maintain overall good account hygiene habits.

: 00:05:50

Sign out of accounts after using services.

: 00:05:52

Change passwords if breached or you have reason to be suspicious.

: 00:05:55

Delete old unused accounts lingering online.

: 00:05:58

And make sure your email, phone and security options

: 00:06:00

are kept current on accounts.

: 00:06:02

Applying all these security layers will greatly reduce

: 00:06:04

the risk of your credentials being your cyber Achilles heel.

: 00:06:07

Enabling multi-factor authentication and using strong, unique passwords remain

: 00:06:11

two of the most impactful steps you can take to lock down your digital kingdom.

: 00:06:15

I know that's a lot of account security ground we covered today.

: 00:06:18

But staying vigilant over your online logins is one of the wisest

: 00:06:21

investments of time you can make to protect your data and identity.

: 00:06:24

I hope these tips give you a blueprint to significantly harden your defenses.

: 00:06:28

In the show notes, I will link to a resource where you can quickly,

: 00:06:31

easily and for free, lock your credit.

: 00:06:33

This simple thing that almost nobody does, will stop thieves from getting loans

: 00:06:36

and credit authorizations in your name.

: 00:06:38

Identity theft is real and really difficult to unravel.

: 00:06:41

By locking your credit, you can make it harder for your identity to be

: 00:06:44

stolen and you do not have to subscribe to a monthly service to do this.

: 00:06:47

It is free and easy to do.

: 00:06:49

Again, check the show notes for a step-by-step how-to guide to easily lock

: 00:06:52

your credit at the major credit bureaus.

: 00:06:54

That wraps up this episode of Byte Sized Security focused on properly

: 00:06:58

securing your critical online accounts.

: 00:07:00

Enable multi-factor authentication, use strong unique passwords and

: 00:07:03

password managers, monitor activity, and maintain good account hygiene.

: 00:07:07

Account security should be the cornerstone of your overall cyber protection strategy.

: 00:07:11

And be sure to check the show notes of this podcast for helpful resources

: 00:07:15

specific to securing your online accounts.

: 00:07:17

Until next time, stay safe in the digital world!