Take Quick Action Now to Enhance Your Online Security in 2023
Perhaps you know a friend whose email was hacked. Maybe your data was part of a large online breach. Or possibly you’ve been a victim of IRS taxpayer identity theft, as I was. (Taxpayer ID theft is one of the fastest-growing forms of cybercrime, by the way.)
We all know that cybercrime is on the rise especially at this time of year. According to Forbes, cybercrime is growing exponentially each year, and 2022 saw climbing cyber threats, ransomware attacks and identity thefts¹. So as we enter 2023, I hope your list of New Year’s resolutions includes a commitment to increase your online security. Unlike losing weight or saving more money – the most common New Year’s resolutions – the following actions are quick and free.
Here are 3 things you can do now, in a matter of minutes, to increase your online security in the New Year.
1. Enable 2-Step Authentication
Yes, 2-step is a type of country dance, but today the term also refers to a type of verification or authentication that requires two actions. If you’ve ever tried to log into a bank account and a text message is sent to your phone with a code to enter on the website you’re logging into, that’s 2-step authentication. If you’ve swiped your bank card at an ATM, and then entered your personal identification number or PIN, that’s another example of 2-step authentication, which is also known as 2-factor authentication, 2FA, or dual-factor authentication.
According to the National Institute of Standards and Technology, 2FA is a security enhancement that allows you to present 2 pieces of evidence when logging into an account.2 The evidence is your ‘credentials,’ and those can be something you know, like a password; something you have, like a smart card; or something you are, like a fingerprint². With 2FA, your security is greater because in order to steal your identity, thieves would need to have both your password and your phone or email (to get the code).
You should use 2FA whenever possible, and always for your primary email, financial accounts, and health records. While some organizations require you to use 2FA, many offer it as an extra option that you can enable—but you must take the initiative to turn it on.
2. Use strong passwords. Or passphrases.
We all know not to use the same easy-to-guess password for all our accounts – or even for one account. Instead, use a strong password, with at least 12 characters or symbols, that’s unique to only one account. Or use a passphrase, which is like a password, but longer and more secure. In essence, it’s an encryption key that you memorize. The most effective passphrases contain upper and lowercase letters plus at least 1 number and 1 special character, such as a question or exclamation mark, and do not contain your user name or other data about you. Here’s an example of a passphrase: 2BeorNOTtobe?!
And how do you remember those passwords or passphrases? Do not carry them on a card in your purse or wallet. Instead, consider using a password manager (PM), an online browser or app that remembers all of your passwords or passphrases for you. PMs can keep you up to date and alert you of any breaches or hacks to your accounts. But there’s a big caveat: you absolutely cannot lose your password to gain entry into your PM. And PMs are targets for hackers. They can be hacked if your device is infected with malware. Which leads us to action #3.
3. Download security updates.
A security update improves security of your devices and fixes bugs, or problems. Your laptop may be set to install security updates automatically. If not, go to Settings – Update – Security and choose Automatic. You may need to authorize an update on your phone, but be sure to update that, too.
Follow these 3 recommendations, improve your online security, and have a joyous-and cybercrime-free-New Year.