Being a victim of a security breach is frightening and disruptive. Unfortunately, it is becoming an increasingly common part of our digital lives. The FTC states that 7-10% of U.S. citizens are victims of identity fraud. On a long enough timeline, most of us become victims of a security breach in one form or another. In fact, you may already be a victim and are unaware.
A simple method to check for security compromise can be performed at the "have i been pwned?" site. This site was created by Troy Hunt, a Microsoft Director, in order to help increase security breach awareness and prevent exploitation of multiple user accounts. Troy researches breaches and pastebins (a hacker preferred text storage sites) on behalf of others as a public service.
- Use unique, complex (upper-case, lower-case, numbers and special characters) and long (greater than 12 characters) passphrases for passwords and change them regularly
- Use multifactor authentication, or two-factor authentication whenever possible
- Freeze your credit with the three credit bureaus
Password reuse is very common, as are weak and short passwords. One way to help eliminate this problem is to create an audit list of all accounts that you have created—try to recall all of them. Go through the list and change all of the passwords to something, unique, complex and long. While you’re there, set up multifactor authentication as well. This prevents the hackers from succeeding with multiple account access with the same credentials.
This audit and password change process can be daunting with the large number of accounts we tend to create, but it's easier to facilitate with a password manager. A password manager is an application that stores and generates strong passwords using the latest encryption algorithms and will outperform even the best human memory. Speaking of imperfect memory, changing all passwords quarterly is a best practice. Some recommendations for password managers to help facilitate this process are:
Multifactor authentication (MFA) can be implemented by setting up a sign-on generated pin number text to a mobile device, an email, or a code sent to an MFA application hosted on a second device. There are numerous ways to implement this process and it can often be performed natively through the website you interface with. Having MFA and unique, long, complex passwords exponentially decrease your chances of being compromised.
Finally, there’s the process of freezing your credit. All three bureaus—Equifax, Experian and Transunion—have a free method to freeze your credit from inquiries and new account creation. By blocking your credit, it’s not possible for a threat actor to create an account falsely under your identity. When you need to have a credit inquiry performed, or an account opened, you simply unfreeze your credit during that time period, then re-freeze the accounts when done. It’s a free layer of protection. Here are the links to freeze your credit:
If you’re in doubt about your personal security, these steps are helpful in assisting you to increase your security posture and reduce risk of identity theft.
SECURE YOUR FUTURE WITH A CYBER SECURITY DEGREE
Network Security degree students will use critical thinking to research current and evolving cyber security trends and become experts in network security industry standards and regulations. Graduates from the cyber security program will have the essential knowledge and experience to automate their own security processes through extensive training in network security programs and scripts, and be prepared for careers in government and multinational corporations seeking certified ethical hacking professionals.
Don't wait. Apply now!