Having your email, website, or business software hacked can be a frightening experience and extremely damaging to your business. Taking some simple steps such as using stronger passwords and implementing Two Factor Authentication can provide you with much greater protection and reduce the potential risk.
Keeping track of all the different passwords that you need can be extremely challenging so it’s no surprise that many people use the same basic passwords across many different websites. You probably know you shouldn’t be using the same login information and that your passwords should be more complex, but you may not know of a realistic alternative. An excellent solution is to use Password Management Software.
Learn about best practices for creating passwords from one of the leading authorities on internet securtity, Brian Krebs: Krebs on Security: Password Do's and Don'ts
LastPass had been my preference for Password Management Software for many years, but after several highly publicized data breaches I can no longer recommend them. Alternatively, there are several highly-rated services such as Dashlane and 1Password that are good options. Given the amount of trust you may be placing in your Password Management Software I always recommend using it in combination with Two Factor Authentication (explained below) to ensure your information is protected.
If you are going to put your trust in Password Management Software then be sure to use a strong master password along with settting up Two Factor Authentication (see below).
Two Factor Authentication
What is Two Factor Autentication?
Two Factor Authentication (also known as 2FA, Two-Step Verification, or TFA) is an extra layer of security that you can use in addition to a password. Often you can use an app on your smartphone like Google Authenticator that generates a code every 30 seconds. Even if someone gets your password, they won’t be able to log in without the code that is being generated on your phone. Another common option is to have a code texted to you. Either option can be a minor inconvenience at times, but it’s well worth it considering the added protection it provides.
Watch this short explanatory video from Google to get a better understanding about how Two Factor Authentication (also called 2-step verification) works.
Where can I use 2-Factor Authentication?
The majority of the best-known websites related to Online Marketing now offer a version of Two Factor Autentication including Gmail, LinkedIn, Facebook, Twitter, DropBox, LogMeIn, and many more.
Two Factor Auth (2FA) is a great website that has an extensive list of which sites support Two Factor Authentication.
Check If Your Information Has Been Leaked
With thousands of Data Breaches every year it is possible that your information has been exposed without you even knowing it. Most states have laws that require companies to report breaches and inform users, but it does not cover all types of breaches. To be more proactive, you can check two useful sites, Have I Been Pwned? and LeakedSource, which have created massive databases of all hacked information that have been publicly released. You can search by your email address or username on eather site, while LeakedSource also lets you check by phone number, name or IP address.
What If You're On The List?
You should immediately change your password for that site, but additionally, if you have used that password for other sites, you should change them all. This would also be a good opportunity to stop using the same password for multiple sites and start using Password Management Software along with Two Factor Authentication (as mentioned above).