Tuesday, February 23, 2016

Episode 2: Security Questions and Two-Factor Authentication

This episode rides on the coattails of last episode's topic of passwords. Let's start with security questions.

When signing up for an account on a website, you've probably had to answer some security questions to help protect your account. These questions may come up when you forget your password and need to reset it, or when you're logging into that site for the first time or from a different computer. They may include questions like "What was the first name of your date at your sr. prom?" or "What street did you live on while in the 3rd grade?"

If a person digs deep enough with a simple Google search, they can probably find out a lot of this information. We forget sometimes how much information about us is on the web. You have to treat the answers to these questions as if your own mother is trying to hack into your account. So how do you answer them? YOU LIE!!!

Pull up Google Maps, find a one-horse town somewhere in Montana, and pick a random street. That's the street you grew up on in the 3rd grade. Think of a name of someone you've never known before, and that's who you went to the prom with. Or if you really want to get clever, you went to prom with "Mailbox".

How do you remember these answers 5 years from now when you get a new computer and have to log in to your site for the first time? Let's go back to the online password manager I talked about in the last episode. There should be some kind of Notes field associated with each account you add that you can type these answers into. Or if you're still not sure about a password site, you can password-protect an Excel spreadsheet and put your information in there. But make sure you have it backed up in several places.

Two-Factor Authentication:

I cannot stress enough how important it is to use Two-Factor Authentication (2FA). 2FA is an extra layer of security that is used in addition to your password for access to certain sites. It will send a random code as a text to your cell phone, or sometimes your email, that you will type in after you've put your password in. Most sites will let you do this just once from a trusted computer, so you won't have to do it every time. But even if someone had your password, they would still need your phone to continue logging in.

A lot of sites offer this: Facebook, Google, Yahoo, PayPal, Dropbox, Amazon, TurboTax and many others. For a complete list, go to https://twofactorauth.org/
I am blown away, however, that most banks aren't doing this yet.

Please, go turn these on now!!! It's called Login Approvals on Facebook. If you do a Google search for "<insert site name here> 2fa", you'll be able to find instructions on how to do it for each site that provides it. But keep all this in mind if for some reason you ever have to get a new cell number.
