Have you heard of Mat Honan? He's a writer for Wired Magazine who made the news recently - you can read about him here. Mat's story exposed a big weakness in digital security - many companies make it easy to recover passwords, catering to convenience rather than security. In Mat's case, a hacker called Amazon claiming to be Mat and successfully fooled Amazon's customer support. Once logged in to Mat's Amazon account, the hacker used personal information stored in Amazon to fool customer support at Apple and Google as well.
The lesson to learn? Don't rely on your websites to protect your information – that's your responsibility. Your accounts are all linked because they belong to you and use your personal information, and that can make you vulnerable to a chain reaction. But never fear: there are some little things you can do to make a big difference in your security.
1. Use passphrases, not passwords.
A simple sentence like "I love 1964 Mustangs" is much more difficult for a computer to guess than a complicated letters-and-numbers password like "mustang64lvr" and is much easier to remember with or without spaces.
2. Use a different passphrase for each account.
Using unique passphrases limits damage to just one account and avoids a chain reaction. Use extra-strong passphrases (like the "I love 1964 Mustangs" example) for your most important accounts. And don't forget to keep track of your passwords.
3. Get creative with your security questions.
Many sites allow you to reset your password by answering questions, like "What was your mother's maiden name?" A lot of information about you is available online, so don't use plain answers. If you have the option, write your own question. If not, adopt celebrities as family members. Why not have Catherine Zeta-Jones be your mother, and Ringo Starr your first pet?
4. Use 2-step verification to lock down your accounts.
Some sites offer 2-step verification. This means that when you log in from an unfamiliar location, the site will send a text message to your cell phone to make sure it's really you. It's great for important accounts like Google or Facebook. Google has an excellent 2-step feature. On Facebook, it's called "Login Approval." If you have a Yahoo account, the setting is called "Second Sign-in Verification." On PayPal, it's called "PayPal Security Key."
5. Back up your important files.
Mat from the story above lost everything, including all his pictures of his young daughter. But he could've saved all of his photos and files if he had just backed it up on an inexpensive external hard drive. In this day and age, if it's not backed up, it may as well not even exist. Would your pictures, documents, or even music be gone forever if your computer crashed?
Being a just a little more aware of your digital security can make a big difference. What are your tips for keeping your accounts and info safe?