Your account has been hacked.
Those five words can strike fear into even the most powerful and prestigious. (Especially the most powerful individuals, actually.)
We live in a world where a 14-year-old script kiddie — someone who knows how to copy and paste a few lines of code — could potentially ruin a life. The digital age was supposed to make our lives simpler.
Although our surge in digital innovation has brought benefits, to be sure, there’s always going to be trade-offs. Especially through the growing pains.
8 ways to protect yourself
Methods of encryption and privacy protection are getting better by the day. But we’re not quite there yet. For now, we’re in a weird limbo. All you can do, really, is make sure you’re not the lowest-hanging fruit.
You can do so, first and foremost, by hedging your virtual bets by owning physical assets like gold, silver and land. They won’t go anywhere — even if the grid goes down.
Second step is take simple steps to secure your electronic banking accounts. These include, courtesy of Stefan Gleason of Money Metals Exchange:
- Close any dormant accounts that you no longer use.
- Keep paper records, including statements, from accounts you access online.
- Strengthen your passwords by lengthening them or using a password manager.
- Avoid storing sensitive information directly on cell phones or other commonly stolen/ hacked devices.
- Check your credit report regularly for signs of identity theft.
- Install anti-virus software on your devices and keep it up to date.
But, really, as far as your digital security goes, those steps are the bare bones. If you really want to secure your digital accounts, you’re going to need to go beyond just strong passwords.
2-Factor Authentication made simple.
Beyond passwords, I suggest embracing two-factor authentication. It’s not as complex as it sounds.
There are three main factors of authenticating who you say you are online.
The first one is proof of knowledge — you put in a password, for example, that, ideally, only you know.
The second is proof of possession — you provide something you have, like a device, that, ideally, only you own.
The third is proof of inherence — you provide something you are, like a fingerprint.
Two-factor authentication allows you to authenticate yourself beyond just that first layer — knowledge. So rather than only having a password, you can prove you are who you say you are with a keychain device only you own or a constantly changing code generated on your smartphone.
The Google Authenticator app, for example, produces a time-based password, giving you a new one every 30 seconds. When you log into your Google Authy-associated account, you simply open the app and type in the current 6-number code.
It’s a step above just having a password alone. But, since the authenticator app sits on your smartphone (and it’s Google’s, not yours), it’s not foolproof.
Yubikey: Yubikey, of which I’ve recently been testing, takes this one step further.
A Yubikey looks like a tiny USB flash drive. It’s small enough to be carried on your keychain or even in your wallet. When you plug it into your computer’s USB port, it turns itself on using the power of your computer — so no need for batteries.
When you press the button on the device while it’s plugged in, it generates a secret one-time password which can be used to log in to your account.
Without getting too mired into the technicalities, the long and short of it is this: Any account that’s linked to the Yubikey authentication system cannot be logged into without the device present. And the device is unique to you.
It adds an extra layer of protection from hackers. Even if an attacker knows the last password you used, it wouldn’t make a bit of difference because your next one will be something completely different. Something completely unpredictable.
It’s also a tough little device. A diver reportedly went down a couple of meters in the ocean with his Yubikey. When he dried it off and plugged it in, no problems. Another user unwittingly dropped his in the snow. It sat frozen until spring thawed the snow and he found it. It still worked.
Couple the Yubikey with proper use of a good password manager like LastPass and become one of the highest hanging fruits in the field.
Managing editor, Laissez Faire Today