Have you ever stopped at a gas station and been asked to enter a PIN number or maybe your zip code while paying at the pump? Recently I stopped at a gas station far off the beaten path and, to my delight, was asked to enter both! Being asked for two separate types of information is a form of “Two-Factor” or “Multi-factor” authentication that proves your identity more than one time.
Unfortunately, in our world of cybercrime and digital fraud, our identities and data are on the cybercriminal’s radar 24/7. Fortunately, there are ways to reduce the risk of your personal information being compromised.
Two easy ways to add a layer of security to our identities and data, both personally and professionally, is to practice Two-Factor Authentication (also known as 2FA) and exercise good password hygiene.
What is 2FA? It is an added layer of defense used to protect the security of your accounts beyond a simple username and password. 2FA is commonly derived by picking two of these three options: Something you know (i.e., password), something you have (i.e., smart card) and something you are (i.e., fingerprint). Historically, “know” and “have” have been commonly used requirements; however, biometric continues to increase in popularity. To increase your security, consider adding 2FA to your online accounts and mobile devices.
Use complex passwords that do not contain any easily identifiable personal information such as name variations, family members or identifiable numeric sequences. A commonly acceptable complexity level is to use three of these four character types: upper case letters, lower case letters, numerals, and special characters. As an example: Sp3cialP@ssword! is an acceptable password; SpecialPassword is not.
Also, random passphrases are gaining acceptance. Random passphrases provide an excellent combination of memorability, easy typing, and security. For example: awesome cat office kittendog. Utilizing complex passwords or passphrases should be used in conjunction withchanging them on a regular basis (passwords every 60-90 days and passphrases every 4-6 months) and assigning a unique one to each different account. Consider using a password manager to keep it all straight.
Take steps to safeguard your identity and your online accounts. It is not if you will be targeted, but when. Your security begins with your commitment to these two easy steps.