Online account security

This article looks at the role our accounts and passwords play in daily life, and at what we can do to protect them. At the time of writing, haveibeenpwned.com lists 11,721,203,163 compromised accounts. That figure only counts the breaches that have become public; the real number is certainly higher.

As we already know, there is no such thing as 100% security and no tool that will stop every attacker. Security is a constantly evolving process that we all have to keep adapting to, so the only realistic approach is to limit our exposure.

So what options do we have?

1) Shift from passwords to passphrases

We all know that people tend to pick a simple password and put off changing it for as long as they can. A passphrase is easier to remember and, because it is long, takes far longer to brute-force than a short password. You can build one from fun memories or quotes, but avoid anything you have posted on social media, and avoid well-known quotes verbatim, since cracking wordlists commonly include them. Change a passphrase immediately if the service reports a breach; beyond that, rotate it at least once every 6 months, even monthly if you can, bearing in mind that current guidance (NIST SP 800-63B) puts length, uniqueness and changing on evidence of compromise ahead of any fixed rotation schedule. Don't rely on a company's security to protect your password for you.

2) Use a password manager

Creating a passphrase you can remember for every account is a pain, so use software that stores all your passphrases, or even fully random passwords, for you. Then you only need to remember one good master passphrase. The app that I recommend and use is Bitwarden; I'm a fan of open-source software. You can use any password manager, but check what it offers: at a minimum the vault must be encrypted and the manager must support multi-factor authentication. The generated passwords can be as long and complex as the account provider allows, and different for every account, so a breach at one site never exposes another.
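As an added example (not code from the original article or from Bitwarden), here is how a generator like the one built into a password manager produces both random passwords and diceware-style passphrases, with an entropy estimate for each. The 16-word list is a constructed stand-in for a real 7776-word diceware list so the code runs offline; the figure of 10^10 guesses per second is an assumed cracking speed used only to put the bit counts in perspective.

```python
import math
import secrets
import string

# Constructed stand-in wordlist: a real diceware list has 7776 words. This
# short list only exists so the example runs offline; the entropy function
# works from the size of whatever list you actually use.
SAMPLE_WORDS = [
    "anchor", "basket", "cactus", "dragon", "ember", "falcon", "garden",
    "harbor", "island", "jigsaw", "kettle", "lantern", "meadow", "nectar",
    "orbit", "pepper",
]
DICEWARE_SIZE = 7776                      # word count of a real diceware list
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 chars
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def passphrase(words=SAMPLE_WORDS, count=6, sep="-"):
    """Pick `count` words uniformly at random using the CSPRNG (secrets),
    never random.choice, which is predictable."""
    return sep.join(secrets.choice(words) for _ in range(count))


def password(length=20, alphabet=ALPHABET):
    """Random password containing at least one character of each class, for
    providers that enforce composition rules. Rejection sampling keeps the
    distribution uniform over the accepted set."""
    if length < len(CLASSES) or not all(set(c) & set(alphabet) for c in CLASSES):
        raise ValueError("length or alphabet cannot satisfy the composition rule")
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(ch in cls for ch in pw) for cls in CLASSES):
            return pw


def entropy_bits(pool_size, count):
    """Entropy of `count` independent uniform picks from a pool of pool_size
    items: words from a list, or characters from an alphabet."""
    return count * math.log2(pool_size)


def brute_force_years(bits, guesses_per_second=1e10):
    """Expected time to find the secret (half the keyspace) at an assumed
    offline guessing rate; 1e10/s is a placeholder, not a measured figure."""
    return (2 ** bits / 2) / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    print("passphrase:", passphrase())
    print("password:  ", password())
    for label, pool, n in (("8-char password", 94, 8),
                           ("20-char password", 94, 20),
                           ("6-word diceware", DICEWARE_SIZE, 6)):
        bits = entropy_bits(pool, n)
        print(f"{label}: {bits:.1f} bits, ~{brute_force_years(bits):.3g} years")
```

The point the numbers make is that six random words from a real list (about 77 bits) sit well above an 8-character complex password (about 52 bits) while being far easier to remember; a 20-character manager-generated password beats both, which is why the manager should generate the per-site secrets and the passphrase should guard the vault.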

3) Email aliases

Using the same email address for every account is bad news. Once an attacker has found one account, they can search other platforms for the same address and have a high chance of finding a match. Avoid this by using an email provider that lets you add aliases, so each account gets its own address. Pick alias names that cannot be derived from one another: a "+tag" suffix on a single mailbox is stripped by attackers in seconds, and name-based aliases ("bob-shop", "bob-bank") still link through the shared name. The one that I use is Outlook.com, but others are easy to find with a Google search.
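An added example (not from the original article) of the correlation this paragraph describes, run over a constructed set of leaked site/email pairs, followed by a way to derive per-service alias labels that cannot be linked to each other. The records, domains and key below are all made up for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed (site, email) pairs in the shape of a credential dump. Alice
# reuses one mailbox (with a +tag on one site); Bob uses an unrelated alias
# per site. No real people, sites or breaches.
LEAKED_RECORDS = [
    ("shop.example", "alice.smith@example.com"),
    ("forum.example", "Alice.Smith@example.com"),
    ("bank.example", "alice.smith+bank@example.com"),
    ("shop.example", "k2m7q9xdw0p4@example.com"),
    ("forum.example", "h8n1vc3bzr6t@example.com"),
    ("bank.example", "f5s0yl2gq7je@example.com"),
]


def normalize(email):
    """Canonical form an attacker uses to link accounts: case-folded, with the
    '+tag' sub-address removed. This is why plus-addressing is not a real alias."""
    local, _, domain = email.strip().lower().partition("@")
    local = local.split("+", 1)[0]
    return f"{local}@{domain}"


def correlate(records):
    """Group sites by normalized address and return the addresses that appear
    on two or more sites, i.e. the identities an attacker can pivot across."""
    seen = defaultdict(set)
    for site, email in records:
        seen[normalize(email)].add(site)
    return {addr: sorted(sites) for addr, sites in seen.items() if len(sites) > 1}


def alias_for(service, domain, key):
    """Derive a per-service alias label as HMAC-SHA256(key, service), truncated.
    Two aliases share nothing visible, and nobody without the key can guess the
    alias for another service. The key is a secret you keep (in the password
    manager); the label is what you register as the alias at your provider."""
    tag = hmac.new(key, service.encode(), hashlib.sha256).hexdigest()[:12]
    return f"{tag}@{domain}"


if __name__ == "__main__":
    for addr, sites in correlate(LEAKED_RECORDS).items():
        print(f"{addr} links {', '.join(sites)}")
    for svc in ("shop.example", "bank.example"):
        print(svc, "->", alias_for(svc, "example.com", b"constructed-key"))
```

Alice's three accounts collapse to a single address despite the capitalisation and the +bank tag, while Bob's aliases stay separate. The HMAC derivation is a convenience for choosing unlinkable labels; any provider-generated random alias works just as well, as long as the label is not built from your name or the service name.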

4) Use multi factor authentication

MFA is a must. Turn it on for every online account that offers it, as a second layer beside your password: if someone steals your password, they still cannot get in without the second factor. The second factor usually takes one of three forms:

  • SMS – not the best option, but better than nothing. Attackers can take over your phone number through SIM hijacking (SIM swapping) and then receive your codes themselves.
  • an app on your phone – Cisco Duo, Microsoft Authenticator, Google Authenticator, FreeOTP and others. These generate time-based one-time passwords (TOTP) from a secret shared with the provider; adding an account is as easy as scanning a QR code or typing in the setup code the provider shows you.
  • physical USB keys – YubiKey, Nitrokey, or any FIDO key. Once such a key is registered on your account, logging in requires the physical key, like the key to your house, and because the login is bound to the genuine site a phishing page cannot capture it. Register a second key as a backup.

Always set up an MFA backup or have at least two ways to log in. The backup codes your provider gives you can be stored, encrypted with a strong passphrase, in a cloud service, but not in the same service your MFA protects, or you could lock yourself out of both at once.

Hope this helps!