Tech is constantly changing, and so is the way we use it. That means we always find new ways to let our guard down for bad actors to snoop on our data. Remember when you shared your address book with that trendy new app? Or when you posted photos on social networks? Those actions may all pose consequences that weaken security for ourselves and the people we care about.
Vijay Balasubramaniyan, the chief executive of Pindrop, a security firm that develops technology to detect fraudulent phone calls, said we should never forget that any piece of our identity we post online could eventually be used by fraudsters to hijack our online accounts. “Your digital identity, which comprises all your pictures, videos, and audio, is going to fundamentally allow hackers to create a complete persona of you that looks exactly like you, without you being in the picture,” he said.
So here are some of the most essential guidelines — like strengthening passwords and minimizing the data shared by your phone camera — to keep you and your loved ones safe for the foreseeable future. I refer to these as the five tech commandments hoping that you will remember them as if they were gospel.
Thou Shalt Not Use Weak Passwords
Let’s talk about bad password hygiene. According to a survey by Security.org, a research firm, about 45 percent of Americans use weak passwords that are eight characters or fewer. (Fourteen percent used “Covid” in their passwords last year.) The majority of Americans also acknowledged reusing passwords across different sites. This opens doors to many security issues. Weak passwords can be easily guessed by hijackers trying to gain access to your account. And if you use the same password for multiple sites.
Like your banking account, Target shopping account, and Facebook, then all it takes is for one of those sites to be hacked to make all those accounts vulnerable. For most people, the simplest solution is a password manager, software that helps automatically generate long, complex passwords for accounts. All the passwords are stored in a vault that is accessible with one master password. My favorite tool is 1Password, which costs $36 a year, but free password managers like Bitwarden.
The other option is to jot down passwords on a piece of paper stored in a safe place. Just make sure the passwords are long and complex, with some letters, numbers, and special characters.
Use Multifactor Authentication
No matter how strong you make a password, hackers can still get it if they breach a company’s servers containing your information. That’s why security experts recommend multifactor authentication, also known as two-step verification. Here’s how two-factor authentication has generally worked: Say, for instance, you enter your user name and password for your online bank account. That’s Step 1. The bank then sends a text message to your phone with a temporary code that must be punched in before the site lets you log in. That’s Step 2.
In this way, you prove your identity by having access to your phone and that code. Most mainstream websites and apps, including Facebook and significant banks, offer methods of two-step verification involving text messages or so-called authenticator apps that generate temporary codes. Just do a web search for the setup instructions. If a company doesn’t offer multifactor authentication, you should probably find a different product, Mr. Balasubramaniyan said. “If a vendor says, ‘All I’m doing is passwords,’ they’re not good enough,” he said.