How secure is your online identity? Did you know that identity theft is more easily and more frequently perpetrated on the Web than it is in the physical world? The biggest reason this is true is because physical access to documents, face-to-face conversations, and in-country mailing addresses are not required, and attackers can be located anywhere in the world. As a result, online accounts are targeted for a variety of reasons by many skilled attackers in many countries.
So what can you do to keep yourself safe from being hacked or having your identity stolen? This slideshow features seven tips, identified by Shuman Ghosemajumder, vice president of strategy at Shape Security, to help keep you from being hacked and losing your identity online.
Click through for seven tips to help keep you from being hacked and losing your identity online, as identified by Shuman Ghosemajumder, vice president of strategy at Shape Security.
The most important line of defense comes from online services themselves. If a website is hacked and there is a data breach, it is beyond the individual users’ power to fully protect themselves. As a result, the most important rule is to be careful who you give your information to online. Do not provide financial information or any personally identifiable information to a site you do not fully trust.
Part of making sure you trust a site is verifying that the organization behind the website is reputable. Another part is making sure you trust your connection to that website. You should ensure that the URL is correct, and that you navigated to it directly, and did not click on a link from an unsolicited email, IM, or pop-up.
You should avoid public Wi-Fi connections and shared public computers if you can, since it is easy for attackers to sniff network traffic or install keyloggers to capture passwords. If you must use a public Wi-Fi connection, make sure that you don’t submit any login or personal information to a site that doesn’t use an HTTPS connection.
In general, the longer your password, the better. A passphrase of several pronounceable words is much harder for an attacker to guess with a brute force attack but easier for you to remember than a shorter jumble of characters.
If there is a password leak from one site, then suddenly all of your accounts where that password is used are at risk. Use unique passwords for every website.
As with passwords, if your answers are leaked from one website, other accounts become vulnerable.
Google and other services offer two-factor authentication (e.g., an additional confirmation sent to your mobile phone upon a login attempt from a new device) to protect your account even in cases where your password has been compromised.