Monday, October 15, 2018

Use 2 Factor Authentication to Decrease Your Risk of Getting Hacked



If you're even vaguely aware of the news these days about online account hacks - like the recent Facebook breach - then you know the importance of changing your password immediately if you're at risk.
 

Post breach, change password!
Changing your password ASAP after such a breach prevents a hacker from accessing your account, as long as you change it before the hacker logs in! Otherwise, you have to go through an often-stressful password reset process, during which you have to prove your identity by some other means such as email, phone, or security question answers.
 

Password reset game is no fun
I have helped many clients through this reset process and it's not fun. It's not hard, it just takes time and costs money: my billable time. Believe me, it's not a preferred IT task for either me or my clients. We get painfully reminded about the importance of locking down account access using multiple layers of identification.        
 

Use unique passwords 
While strong and unique passwords raise the bar for anyone trying to hack your account directly, they don't prevent the types of hacks Facebook disclosed. Yet if your Facebook password or any other online password is unique, and you change it right away after a reported breach, then your vulnerability is reduced.

Don't give the keys to the kingdom!
If, however, you use the same password on multiple sites and a hacker obtains info on you, such as your name, email location, and a precious password, you can bet they will try that same identity combination to crack your other accounts. That's why it's critical to have unique and complex passwords, not just variations of a theme like "mydogbruno" and "mydogbruno1".
 

2 Factor authentication boosts security
So, the first line of defense is strong and unique passwords for EVERY online account. The second line is two-factor authentication (2FA), which requires access to something besides the knowledge of a password, like a cell phone. (The password is considered something you know, a first factor. The phone is something you have, a second factor.) The phone lets you receive a call or a text with a code to unlock your account, so it authenticates you beyond your password.
 

2-Step Verification in Gmail
Not all accounts provide two-factor authentication, but for the ones that do, I highly recommend it. Gmail is one. Google calls it 2-Step Verification. Here is a simple scenario after you set this up in Gmail: You get a new device, you try to log in to your Gmail account on it, and Gmail won't let you until you receive a code texted to your phone. You type that one-time-only code into your browser or Gmail app, and then you're given access to Gmail on that new device. You won't be asked again, unless something changes on that device to make Google not recognize it.
 

After setting up 2-step in Gmail, if someone elsewhere tried to log in to your Gmail you'd receive a code on your phone. As long as that phone is with you, that person would have more difficulty accessing your email.
 

Set up 2 Factor where available
Besides Google, here is a short list of sites offering two-factor authentication: Facebook, Microsoft, Yahoo, AOL, and Twitter. If you have an account with any of these sites, take the time to set up 2FA.

Thanks for reading!
-Sam