In our ever-connected digital world data breaches have become commonplace. Every week, thousands of personal records are released onto the internet through one data breach or another. In many of these breaches, account credentials (mainly email addresses and hashed passwords) are included – able to be used by attackers to exploit individuals en masse for their own personal gains. Fortunately, there are a few simple practices you can adopt to help safeguard your accounts and prevent unauthorized access.
Strong Passwords are Key
With the amount of data breaches occurring, it is only a matter of when, not if, one of your passwords will be included and exposed. When passwords are included in these breaches, they are generally encoded and need to be deciphered. With computers becoming more powerful, decoding these passwords has become a trivial effort for attackers. Maintaining alphanumeric passwords of sufficient length will make it far more time consuming, and impractical, for attackers to decode and make use of them.
Never Reuse Passwords
Make Them Unique! Hackers and security professionals have been able to compile massive lists of passwords and their associated encodings from these data breaches. Using these compromised password lists, passwords can be quickly guessed by comparing their encoded value against an already known value – this is much faster than trying to decipher them! Once a password appears on these lists, it can no longer be considered safe for use. Keeping your passwords unique to each service helps mitigate potential damage in the event of a data breach you’re included in.
Something You Know – Something You Are – Something You Have are the primary tenets of Multi-Factor Authentication (MFA) and one of the most effective ways to keep your accounts safe. MFA is commonly implemented with smart phones taking the place of “something you have” and passwords being “something you know”. You may have seen your financial institute enforcing MFA by requiring you to enter a six-digit code, usually sent by text message, after first entering your password. By adding another layer of security, Multi-Factor Authentication ensures that in the event one credential becomes compromised, the overall account remains secure because the attacker is missing the other set of credentials.
By following the above practices, you can help safeguard your personal accounts from unauthorized access following a data breach.
Mark Neneman,
Director of Information Technology