Last week was ‘Stay Safe Online Week’, yet someone who clearly missed this was U.S. rapper Kanye West whose phone password was broadcast to the entire world (FYI, it’s 000000) and so together with our tech director Iain, team Mobi thought we’d put together three tips for Kanye and others on how to stay secure on all your devices and reverse the threat of cybercrime.
1) Always use a password manager.
This makes it easy to never “re-use” passwords, so if a site gets hacked and your password gets stolen, that password cannot then be used to access any other sites. It also makes it easy to use strong 15+ character random passwords without having to remember them. Installing a password manager and starting a process to change or upgrade to using strong and unique passwords everywhere is probably the number one thing you can do to reduce the risk of falling victim to hackers.
2) Two Factor Authentication (2FA).
“If it’s offered, you should seriously consider using it”. There are a few common forms of 2FA, with differing levels of security but all of them are more secure than not using them. PayPal only offers SMS 2FA right now – which is perhaps the least secure common option because an “attacker” can call up your phone company and try to convince them to allow access to you account, or set up a new SIM (this happens way more often that you’d expect and is much easier than most people think) – so be careful.
3) Security Apps
There are a selection of phone apps that let you use authentication numbers that change every 30 seconds (this is called “TOTP” or Time based One Time Passwords”). Google Authenticator, Authy, and 1Password all have this capability. At the highest level are hardware 2FA keys like YubiKey or Google’s new Titan Security Key. There are a few different versions of these – but in general they plug into your USB port (or connect via Bluetooth) and let you tap a button to authenticate. Keep in mind, as you increase the security on your online accounts, making it more difficult for an attacker to break in, you also make it more difficult to log in yourself, that’s why it’s a great idea to make sure you have two YubiKeys kept in a safe place, and to make sure you have the 2FA app on at least two devices. That way if your phone breaks, gets lost or stolen, you have a backup plan to get access.
If you want to know whether or not your information has been exposed, subscribe to https://haveibeenpwned.com.