Over the last year I have seen many friends and family text, email, or call me, or post on their social media about how a variety of their Facebook, Hotmail, Gmail, work, and lots of other accounts have been compromised, often leading to them losing complete access to these accounts.
Barring the significant inconvenience this causes, imagine the amount of data these hackers now have about you if they are in full control of all these accounts. You are now in the position where you have to change all your email address information with all your different providers and subscriptions. In some instances, I have even seen cases of these details used to embezzle tens of thousands of pounds from a business.
We all know how difficult managing your passwords can be, given we have hundreds of portals and social media accounts that we access every day. The challenge that we have is that we all use the same or similar passwords for all these different things. So, if the hackers crack it in one place, there’s no reason they can’t access everywhere else. This art has become so sophisticated, that hackers have built robot networks to troll the internet and guess your passwords, all at the same time.
This doesn’t just apply to the important stuff like your online banking or Facebook account, but also to the less robust things, i.e. your personal ASOS or Booking.com accounts. If you are using all the same credentials for these too, you’re giving the hacker access to gain your saved bank details and personal information. The point is that, having the same password in multiple places won’t keep you safe.
Luckily there is a free and simple solution that everybody must use. I have seen this be implemented in many areas and personally use it myself. Clearly there is no perfect solution, but this goes a long way, and I have found it to be very effective.
This is called Two Factor Authentication (2FA), and I stress you to enable it in as many places as possible. Just like when you log into your bank you need to enter a code, the same status should be equated to all your accounts, given the value of your data, and inevitable inconvenience that can be caused if it's jeopardized.
2FA not only requires a password and username, but also a unique pin. This makes it a lot harder for a potential hacker to gain access. It works by requiring any two or more of the following verification methods:
- A randomly generated pass code
- A phone call
- A smart card (virtual or physical)
- A biometric device
Having that extra layer of security on your accounts, will make it a lot more difficult for breaches to happen and your personal information to be leaked. The aim here isn’t to scare you, but to make you aware of the simple tools you should be using. Scammers know that we can be lax with passwords, making it easy for them to log in to your bank accounts, social media accounts etc. So if there’s one thing you do this year, let it be 2FA.
Here are some links to get you started with turning on 2FA:
On another note, this website can check if there have been any foreign attempts at logging into your Office 365 or Azure accounts. The website recognises who is actively trying to log in to your accounts, showing successful and failed attempts. Another legitimate reason to enable 2FA.
If you’re curious to know if your email address has been compromised, take a test here (don’t worry this is a secure link!)