Over time, many of us have accumulated accounts that are free or included with services. Thankfully, it's getting easier to secure them.
Over time, many of us have accumulated accounts that are free or included with services. For example, at one time, almost everyone had an AOL, Yahoo, and/or Hotmail account. Nowadays, it might be a Gmail, Facebook, or Microsoft account. As we work remotely, it is important to remember the security of these free accounts. Thankfully, it's getting easier to fortify them.
Some platforms or providers are more secure than others, fundamentally. Some offer multi-factor or two-factor authentication, which is much more secure than the standard username/password log-in.
The first step, as always, is to use a secure and unique password. This applies to all your accounts, but it especially applies when the account is important. Email accounts, bank accounts, shopping accounts with stored payment methods - these should all have complex passwords. If you're overwhelmed by your accounts and passwords, consider using a password manager.
The other basic security step you should take advantage of is two-factor authentication. This is also known as 2FA or multi-factor authentication (MFA). Enabling this adds one more step to the log-in process. When you submit your credentials, you'll receive a separate text or email with a code. You'll then enter that code on the site or app, verifying it's you.
There may be slight variances in how each provider implements MFA, but the concept is universal. It involves authenticating the sign-in by confirming it's you through a secondary method. A hacker could buy your banking password off of a list, but if they haven't intercepted your email or texts, they won't be able to go any further.
An increasing number of companies offer 2FA or MFA options, especially if their services include sensitive or confidential information.
The next step up is to use an authenticator app for two-factor authentication. Microsoft has their own app, and other companies support apps as well. The authentication app on your phone is used in place of the emails or texts. The idea is still the same: you input a provided code to approve the sign-in attempt. Using an app eliminates the possibility of your phone number being spoofed or your messages intercepted.
(This is another reason why having strong, unique passwords for each of your accounts is important; if you are using the same password for your main and secondary email accounts, it's basically a free-for-all pass once the password is in the wrong hands. 2FA isn't effective if the hacker can see the same things as you.)
The last level is a hardware key or hardware authenticator. This is extremely effective, however it will add cost and some steps to your process. A hardware key is a small device similar to a flash drive that plugs into your phone or PC. Some work with NFC, like a keycard. They are the most secure because you have to physically use something to unlock your device. Many need a master password to enable, which is yet another layer of security.
This option is not free and does take some effort on your part. If you want a top level of security, this is the way to go.
No matter what type of account you are using, these are good steps to take. At the minimum, you should be using complex passwords to guard your accounts. Two-factor authentication adds another layer of security, and an app authenticator is the next most secure method of protection. For the ultimate security, use a hardware key.
Security is important, period, and it's becoming increasingly accessible. While the extra steps may seem like a nuisance, it is much better than dealing with a loss of your data, account, or money.
(Image Source: iCLIPART)