As part of our ongoing series on Scams Targeting Seniors and eSecurity in general, it followed that we should take a good look at passwords – why they matter, how to build a better one, and ways to keep them organized. Along the way we’ll even peer into… the FUTURE of Passwords!
Okay, well the TRUTH is, that future is here now, however, we’re pretty sure you want to know what’s on the cutting edge. Let’s get this started – read on!
I know we all crave the convenience of using the same password for everything, however, over time we’ve each needed to step up our game! If you’re ready to move toward even stronger, more complex passwords, we’re going to show you exactly how to do it. AND, if you think you can leave your passwords where they are… well, these next few blog posts may have you rethinking that!
A Strong Password – What’s in it for me?
You lock your car – right? And you likely know someone who, under certain circumstances has used The Club on their steering wheel for added protection. You put a strong lock on the door to your house. You likely know someone who has upgraded their lock to include a deadbolt, kick-plate or alarm system in response to an uptick in crime in their neighborhood – yes?
Your passwords matter for the same reason you lock your car and house. They protect what you have from being stolen and protect you and loved ones from harm.
In the digital age we crave convenience. Folks link their online accounts together all the time. When we sign up for a new account, we may be prompted to “Login Using Facebook” or other social media account. Or, we use our Facebook login for other social, shopping or service accounts because a scant handful of passwords is easier for us to remember.
Trust me, I get it. It’s just that the extremely lucrative nature and ease of cyber-crime makes it a growing industry. And if you are not a digital native, are not sure what that means, or of an age where your contemporaries are frustrated, overwhelmed, and disengaging from technology – you, my friend are more likely to be a target for hackers and ne’er-do-wells.
Remember, the easier it is for YOU to access your accounts, the easier it is for criminals to access them too!
Daisy Chains & Connected Accounts
When you “daisy-chain” accounts together, you leave yourself exposed.
What’s a daisy-chain? As mentioned earlier, when you use a frequently used social media account as the login for another account, the two accounts become electronically connected. That’s a daisy-chain. The more accounts you log into using that single social media account, the more vulnerable your accounts become.
Consider this. You and your neighbor each have a condo and those condos share a common wall. You both have solid locks on your front and back doors, however, your neighbor leaves a ground-floor window open a crack during the summer for circulation. A burglar comes along, looks through your windows and spots some things they want. But YOU have all your windows locked. Burglar goes next door, enters through the open window, plunges a crowbar into a few spots on the shared wall to find a vulnerability.
If they find a spot where only wood, insulation, and drywall stands between the two homes, they simply hack through to your home, take your goodies, and walk out your door! The two condos are daisy-chained via the shared wall, so you and your stuff are only as safe as your neighbor’s home.
In 2012 there was a well-publicized breach that highlighted the danger of account daisy-chains as well as security flaws within Apple and Amazon. This epic hacking of Mat Honan, a writer for WIRED, is still an important cautionary tale today in 2017. More Here
Get to Know Me Lists
Not All Fun and Games
Have you seen “get to know me” lists that include questions like these:
What’s your favorite color?
What was your first car?
What was your High School mascot?
Name of first pet?
Where were you were born?
What’s your favorite animal?
Do you have a middle name – what is it?
I’ve seen several answers to THESE EXACT QUESTIONS and answers posted by several friends on social media in the past few months! Have you? Have you ever posted answers to these or similar questions on Facebook or another Social Media platform?
You know those security questions you need to answer for certain online accounts? Well, hackers use information skimmed from your social media accounts in combination with other black-market data available about us to determine answers to our online “security questions.” With info like this, it is easy to breach your accounts to gather more sensitive data and set up an alternate identity based on your information.
Are any of the question above like ones you have seen or used as security questions at login for your bank account, insurance account, doctor portal, or other account? It is important to remember that typically, when security questions are required for login, it is a financial, eCommerce, or otherwise sensitive account of some sort!
Here’s what you really MUST know! Seemingly harmless lists of random and trivial questions that include ones like these are NOT a game. They are NOT a way to get to know your friends. They are NOT safe and we need to let our friends, older relatives and OUR KIDS know this!
Guard the Holes in Your Online Identity
Look, we live in a brave new world of big data collection where scraps of our identity are continuously gathered and pieced together on server farms in all corners of the world.
Please RESIST the very human urge to participate in online Q & A lists, quizzes, personality tests, or knowledge, color, grammar, or spelling tests in the future! They are simply a very elaborate net designed to capture data about you. While the social media account itself be above board, the third-party developers who have access OR the hackers that breach your account are not.
My advice to you is this: MAKE IT HARD FOR THEM to fill in the gaps in your digital doppelganger. Be Swiss Cheese and leave plenty of holes!
COMING UP NEXT – In the next post, we’ll cover Social Engineering Attacks. What they are and how you can help keep you and any digitally challenged friends and relatives as safe as possible when online.
This blog contains general information and is not meant to apply to a specific situation. Please seek advice of counsel before proceeding as each case is unique.