Posted on

How To Secure Your Online Accounts From Hackers

What do your online banking website, your email account, and Facebook all have in common?

They all require you to log in. You’re prompted to enter your username and password to gain access.

As cybercriminals desperately seek to steal your personal information, they’ve gotten really good at cracking usernames and passwords.

Unfortunately, this basic level of security is no longer effective on its own to prevent others from accessing your personal online accounts. This leaves you at serious risk for identity theft, fraud, and other scams.

In today’s column, I would like to briefly show you a foolproof way to keep hackers from breaking into your online accounts – even if they know your password.

2 is the magic number

Two-factor authentication is an advanced method of website security. It forces someone trying to gain access to a website to prove they have the right to enter.

Two-factor authentication requires two different forms of identification, both of which must be correct, to successfully be allowed entry.

Compare it to completing a transaction at the license branch. You’re often required to provide two documents to prove your identity – such as a birth certificate proving you are who you say you are and a utility bill proving your mailing address.

What you know & what you have

Tech expert Leo Notenboom describes two-factor authentication like this:

“Authentication has almost always been in the form of something you know – for example, a password. … Two-factor authentication adds something you have to the requirements to prove you are you. … You must possess something specific that is completely unique to you and only you.”

Google What?

The Google Authenticator app makes setting up two-factor authentication extremely easy.

1. Install the app on your smartphone.
2. Enable two-factor authentication on the website you wish to secure, such as Facebook or your online bank account.
3. Associate the Google Authenticator app with your account by either typing in a code or scanning a QR image.

Once you complete this process, the Google Authenticator app will begin displaying a random six-digit number every 30 seconds. These numbers are completely unique to your account and your cell phone.

Now when you (or anyone) attempts to log in to that particular website, it will prompt for the username/password AND the random number displayed in the Google Authenticator app on your phone at that time to be entered.

Without both correct pieces of information, access will be denied.

Other Methods

You can also use simple text messaging to set up two-factor authentication, if you don’t have a smartphone or don’t wish to use Google Authenticator.

Most websites offer you the option to configure your cell phone number as a verification method.

When you (or anyone) attempts to log in, a text message with a random code is sent to your cell phone. You enter that code, along with your password, to prove you’re authorized to access the site.

Securing your important online accounts with more than just a username and password is critical. Security breaches happen every day, even with “secure” websites.

Two-factor authentication provides the best way to keep unwanted intruders out of your personal accounts.

If you’d like more information about or assistance with setting up your accounts with two-factor authentication, feel free to call my office at (812) 386-8919 or email me at scott@calibre-cs.com.

Posted on

How Not To Get Locked Out Of Facebook And Other Online Accounts

“Hi, Scott.  I need your help,” the voice on the other end of the line greets.

“I’m locked out of my Facebook account and can’t get back in because I don’t remember my password.  Can you help me?”

While I happily try to assist, I know the chances for success are extremely low.

Facebook, Google and most other online services do not have a phone number you can call, speak to a live person, and have them reset your password.

Instead, your only option is to rummage through their web-based help documentation, submit an online form, and hope the requested information you provided is sufficient for someone to eventually send you instructions on how to get back into your account.

The majority of the time, this fails.

Why Account Recovery Fails

All online services provide you an easy way to recover lost passwords or regain access to your account.  The account recovery process typically involves sending an email to your email address or a text message to your cell phone.

So what’s the problem?

Most people never set up their recovery information in Facebook, Gmail, Pinterest, eBay, Amazon, and other commonly used websites.

Those who did when they first created their account seldom update their recovery information when their email address or phone numbers change.

How To Set Up Recovery Information

Each platform differs slightly in how to set up your account recovery information.  Here are links to instructions on how to do so on some of the most common websites:

Don’t Wait!

Avoid the frustration of forever losing access to your online accounts.  Invest a few minutes right now to take these important steps:

  • If you don’t already have a second email address, set up an alternate email address with Gmail (www.gmail.com).
  • Log in to each of your online accounts (Facebook, Gmail, Pinterest, eBay, etc.).  Configure your recovery options in each of them.
  • Associate your cell phone number, if you have one, with the account.
  • Set periodic reminders to make sure your account recover information is kept current.