Security - is there ever enough?
Another thing that I’m seeing a LOT of is security. I know I harp on security and it is a HUGE deal in my world, not only because it’s required by law, but because I want to keep your information as safe as I possibly can.
I get emails, texts, or “pings” to my authenticator apps regularly now where someone is trying to hack me. I’ve probably gotten 3 in the last 48 hours. Of course, I don’t answer the ping because whoever is trying to get in isn’t me, but that highlights a few things.
Someone somewhere (and usually I’m notified that they’re coming from somewhere in the Middle East) has my login credentials.
Because I use two factor authentication or multifactor authentication (2FA or MFA), the fact that they know my password isn’t enough. I won’t say I can’t be hacked because anybody can be hacked and I’m hearing disturbing things about how criminals are learning to break 2FA and MFA. But it’s going to be difficult to get past that security feature.
Facial recognition is actually safer than PIN numbers for your mobile device. If you don’t have that set up, you might want to do so. Is it foolproof? No. Is it better than nothing? Yes.
The harder you make it for bad actors to access your data, the more likely they are to move on to another target. It’s the unlocked car in the parking lot theory: why waste the time trying to break-in when you can just open a door somewhere else?
What can you do to be safer online?
Get a password keeper. I use Dashlane, but there are other products available.
One of the benefits of a password keeper is that it will automatically generate super strong passwords, so you don’t have to. Then it will store those passwords and autofill them when you need them.
But an even better benefit that I’ve found is that when I’ve been notified that my password has been found on the dark web, I can easily find where that password has been used and replace it immediately. 2FA/MFA is safer and I use them wherever available, but that doesn’t mean I want my live passwords sitting out there.
Activate 2FA and MFA wherever you can.
Yes, I know it’s a pain and sometimes I mutter under my breath, but it’s necessary.
Sometimes they’ll want you to have an app (Microsoft Authenticator, Google Authenticator, Authy, etc.); sometimes, they’ll send you a text or email. Either way, having a password isn’t enough and that’s the goal.
Get identity theft protection that monitors the dark web for your info. Whenever data thieves steal info from the “big boys” like Experian and TransUnion, they then take that data to the dark web and sell it to people who try to get to you. I use Aura, but there are others. Aura notifies me when it finds me on the dark web so I know to change any passwords affected.
A word about credit card hacks. I’ve been hacked 3 times this year - always Citi and they always handle it for me. On the one hand, hey, they’re great about fixing it. On the other hand, why is it always Citi?
Always, always, always look at your credit card statement. It’s not always $2,000 charges to Carnival Cruise Lines. Sometimes, it’s $8.99 to a streaming service that you wouldn’t notice in the grand scheme of things if your bill is about the same amount it usually is.
If there is something that you are going to have drafted from your bank account on a regular basis or if you’re very fond of using your debit card, consider setting up a household account vs. your regular checking. Bank accounts don’t necessarily have the same protections as credit card accounts. If you separate out $1,000-2,000 into an operating or debit card account and someone hacks that debit card, they aren’t going to have the opportunity to take all funds available in your regular checking because you’ve “walled-off” that asset.
You gotta be careful these days. It’s a world out there.