Joe Siegrist, VP and GM of LastPass, gives us his top 5 tips for improving your password security and staying safe online.
The hacking of Mark Zuckerberg’s Twitter and Pinterest accounts last month has been linked to the recently reported LinkedIn data dump and the re-use of passwords across different accounts. This news further proves the long-term damage and risk associated with these kinds of hacks – and is a good excuse to make sure you improve your password security across accounts. Online security doesn’t have to be hard. With the right tools, you can be safer online while also saving yourself time and effort.
Here are 5 tips to make sure your personal accounts are as safe as possible:
1. Humans are bad at making passwords. Get a password manager.
We hear of new hacks every day – some of which date back to data dumps on the dark web from 4 years ago. Even so, we continue to reuse passwords across our accounts, despite the obvious risks. It’s often too late by the time news of a hack reaches us, but you can take precautionary steps to make your data secure.
Using unique passwords for all your online accounts ensures that if they’re leaked in a breach, they can’t be used by hackers to get into any of your other accounts. A password manager, such as LastPass, is a secure way to generate long, complex and unique passwords without relying on your brain or a piece of paper to remember them. Better yet, it’s easy to import log-in data from all the accounts associated with your email address, and that data is encrypted.
2. Don’t store your passwords in your browser
While using your browser to store passwords locally may be convenient, it is very insecure, leaving you and your passwords vulnerable if you were to be hacked. That very convenience is what prevents storing passwords in your browser from being as secure and robust as a password manager could be. Again, using a dedicated password manager takes it several steps further to help you manage your digital life.
Encryption and decryption by a password manager happen on your machine, so you never share your master password, and therefore never give away the key to your data.
3. Turn on Two Factor Authentication across all accounts, including your email
Two-factor authentication (2FA) means adding a second security step to your account – so to log into Twitter, for example, you might need your password plus a unique code texted to your mobile at the point of login.
2FA means that even if a hacker has your password, they will not be able to access your account without the second piece of information – a one-time code generated from an app on your phone or a fingerprint. Two-factor is incredibly valuable for your email address, which is essentially the gateway to everything you do online, including your bank account, credit cards, investments, and much more.
Here’s how to set up 2FA for recently compromised companies:
4. Improve on your 4-digit PIN
We’ve all become accustomed to a 4-digit PIN on our mobile phones, but if you’re serious about security, head to your password settings and make it longer. It’s also not a good idea to make it the same as your online banking PIN.
5. Don’t forget about the security questions
Many online accounts will ask you to set up security questions to add an extra layer of safety to your account. However, they are typically terrible for security and, for many people, are the weak link in their overall online security system.
If you’re already using a password manager to store all your passwords, try using the generated passwords feature for the security questions and save the answers in the “Notes” section in your account. Your note field ends up looking like this:
“First pet: ackpioughtso”
Make sure you also use the pronounceable feature, something we have at LastPass, when generating these. Otherwise, you might end up on the phone with customer service explaining why your first pet has $$%%@@ in its name – which is more trouble than it’s worth!
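The pronounceable-answer tip above, sketched as an added example (this is not LastPass's generator and not code from the original post). The consonant and vowel alphabets, the 64-bit target and all function names are assumptions chosen for illustration; the point it shows is that a pronounceable answer has to be sized by entropy rather than by length.

```python
import math
import secrets

# Assumed alphabets (not LastPass's): letters that are easy to say over the phone.
CONSONANTS = "bcdfghjklmnprstvwz"
VOWELS = "aeiou"


def syllable_bits():
    """Entropy of one uniformly chosen consonant+vowel syllable, in bits."""
    return math.log2(len(CONSONANTS) * len(VOWELS))


def syllables_needed(target_bits):
    """Pronounceable text carries fewer bits per character, so size by entropy."""
    return math.ceil(target_bits / syllable_bits())


def pronounceable_answer(target_bits=64):
    """Random consonant-vowel string drawn from the OS CSPRNG via `secrets`."""
    return "".join(
        secrets.choice(CONSONANTS) + secrets.choice(VOWELS)
        for _ in range(syllables_needed(target_bits))
    )


def build_note(questions, target_bits=64):
    """One unrelated answer per question, formatted like the note field above."""
    return "\n".join(f"{q}: {pronounceable_answer(target_bits)}" for q in questions)


if __name__ == "__main__":
    # Constructed sample questions.
    print(build_note(["First pet", "Mother's maiden name", "First school"]))
    print(f"{syllable_bits():.2f} bits per syllable, "
          f"{syllables_needed(64)} syllables for 64 bits")
```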
All images: Pexels. Disclosure: this is a guest post, not a sponsored post.