October is National Cyber Security Awareness Month and to start the month, let’s focus on one aspect of cybersecurity that everyone is familiar with: passwords.
In many cases, an online password is all that separates the average person from financial or reputational harm—passwords are the way that people log into their online lives: e-mail, banking, social media accounts, cloud storage, and so much more. And often times, in an effort to better remember passwords, users often minimize their size and complexity, use the same passwords for different online accounts, and don’t change them very frequently, if at all.
Unfortunately, cybercriminals—sometimes using the least sophisticated means necessary (i.e., password guessing, defeating security questions, social engineering, and technical devices such as keyloggers) obtain passwords more often than you think. This is why it’s important to add another level of protection between the cybercriminal and you.
Two-factor authentication, or TFA, adds that second level of protection, often a unique identifier to how you access the service. In some cases it means you’ll be texted a PIN code to enter in, other times you’ll be recognized by your location when you log in. In certain instances biometrics, like fingerprint readers, can be used for TFA.
And the best thing is, TFA is usually offered as a free service for most home Internet users by many e-mail service providers, social media platforms, cloud based storage solutions, and even banking and finance sites (although sometimes you might have to search a little for it or contact the company to ask if it provides two-factor authentication). Most sites that employ TFA require a strong password and supply a PIN that changes at a set interval—users can receive those PINs very easily through text messages or mobile applications.
However, using TFA does not mean you don’t have to take extra care with your password: make it unique to your life but something not easily guessed, use a different one for each online account, write it down and store in a safe place away from your computer, and change it several times a year.
While most services request special parameters for passwords, science and math comic XKCD illustrates how using separate words can make it harder for passwords to be cracked:
So start today! With cybersecurity, taking little preventative measures can go a long way.
Operations Specialist / FSO