Reports of data breaches, online accounts being hacked and passwords being stolen have become so commonplace, users are no doubt becoming numb and complacent to the real dangers these threats present. Even so, it’s essential that organizations and users take proactive and ongoing action to protect their sensitive information.
For instance, recent reports detail the alleged theft of 1.2 million usernames and passwords by a Russian cyber crime group. While on the surface this appears to be a massive breach, it’s a breach that took time, maybe even years to accomplish. So while it’s important to respond to incidents such as this, it’s just as important – or maybe even more important – to establish strong password best practices that take a proactive rather than reactive approach to dealing with breaches.
In this slideshow, we take a look at five steps, identified by Symantec, that organizations and individual users should take now to protect their most sensitive password-protected information.
Protecting Sensitive Information
Click through for five steps organizations and users should take to help protect their sensitive data.
Pay special attention to your email credentials
A lot of users fail to recognize that their email account can be a front door to their entire digital life. Think about how many times you may have reset your password on some other site and the recovery link is sent to your email account. In addition, avoid opening emails from unknown senders and clicking on suspicious email attachments; exercise caution when clicking on enticing links sent through email, instant messages, or posted on social networks; and do not share confidential information when replying to an email.
Change passwords on important sites
It’s a good idea to immediately (and regularly) change passwords for sites that hold a lot of personal information, financial details, and other private data. Cyber criminals who have your credentials could try to use them to access more information on these accounts. This is particularly true if you have used the same password on multiple sites. Attackers will often try to use stolen credentials on multiple sites.
Create stronger passwords
When changing your password, make sure that your new password is a minimum of eight characters long, and that it doesn’t contain your real name, username, or any other personally identifying information. The best passwords include a combination of uppercase and lowercase letters, numbers, and special characters.
Don’t re-use passwords
Once a hacker has your account information and credentials, they’ll try to use it to gain access to all your accounts. This is why it’s important to create a unique password for each account. If you vary your passwords across multiple logins, they won’t be able to access other sites with the same information.
Enable two-factor authentication
Many websites now offer two-factor (or two-step) authentication, which adds an extra layer of security to your account by requiring you to enter your password, plus a code that you will receive on your mobile device via text message or a token generator to login to the site. This may add complexity to the login process, but it significantly improves the security of your account. If nothing else, use this for your most important accounts.