Protecting your Identity Online
Recent security breaches at Epsilon, Sony and the Texas State Comptroller’s Office illustrate just how easy it is to access a user’s personal data. In each case, millions of usernames and passwords were stolen, and in each case, it was done from inside. Someone clicked on something that allowed a hacker from the outside access. Once stolen, this information is often sold to others. The buyers will use the usernames and passwords to try to gain access to other sites and financial institutions.
Email addresses are often used as usernames and many people frequently use the same password with multiple accounts; so it’s easy to apply this username and its related password to random sites to try and gain access. There is software that automates this task and is highly successful.
Many people have multiple websites they log into and they tend to use the same username and password, or a variation of the password, because it’s easier for them to remember. Unfortunately, that need to be able to remember the password makes you more vulnerable to data and identity theft, or worse – financial loss.
The best protection against this is unique usernames and passwords for each and every website or service you access. You can do a Google search for “Best practices for usernames and passwords” to find an abundance of information on this, but I’m going to offer my thoughts for what I think is the minimum of protection.
1. For sites that have financial information or personal data such as social security numbers: Use a unique username and password. If it’s an email address for username, sign up for another Gmail, Hotmail or whatever “free mail” service provider and only use that email for that account; do not use it for anything else.
2. The password should be complex with upper and lower case letters, numbers and symbols. The best passwords are combination of something that is entirely random and which it is unlikely someone would expect you to use. You might create one from a combination of familiar names or dates. An example might be: CiscoPOR997030 – That’s my dogs name (AKC) and birth-date backwards. Cisco “Prince of Routers” 03/07/99. You can use a family member, city or whatever you’d like – you get the point.
3. If you’ve had the same passwords for years now – change them today!
Remember, being online is neither private nor very secure. Data breaches occur daily but are not reported or caught. The sheer number of people with online data makes the odds of your being a victim a statistical improbability, but not an impossibility. When you are a victim – it really sucks!
If you need help or have questions – please call our office for assistance!