If you haven’t already had your account compromised on popular social media platforms such as facebook or Linkedin, you probably know someone who has because they hit you up with a message saying “Don’t accept messages or friend requests from me because my account was hacked.”
They go and change their password, and then they get hacked again – sometimes in the same day!
Why does this happen if they keep changing their password?
Let’s talk about why their account was compromised the first time. Many people have a bad habit of using the same password for everything, and then one day a company gets hacked exposing their password, and the credentials get leaked on a place called the “dark web” where they are sold as part of a database for as little as $10.00!
Threat actors buy these databases, and they run special software to try combinations of your email address and password to see if they work. Since most everyone has a social media account, they most often try social media accounts first to impersonate the victim and hopefully extort their friends and family members for even more information.
While using complex passwords and changing them often is a good idea, it is still important to turn on another layer of security known as Multi-factor authentication, which is sometimes referred to as two-factor authentication. This feature requires having access to more than just a password to login to your account.
It can be setup a number of ways, but it usually involves you having access to your smart phone where a code will be sent to you in your app or via text when you access a social media site, banking site, etc. and you will have about 60 seconds to enter a code to confirm your identity. This code will usually will expire after about 60 seconds.
I know this sounds like an inconvenience, but the good news is that once you set it up for each of your social media accounts, you can sign in one time on your trusted computer and you don’t usually need to enter this special code every time you login after that. You would only need to enter it again if you sign in from another unrecognized computer or location.
In my video, I walk you thru how to setup multifactor authentication on your social media accounts. I can’t cover all of the websites you should do this on, but there is usually an option under settings, account or profile for most every website you have an account with these days.
It is still optional to enable this feature in most places, but you really should turn it on now so that you won’t be the next person telling all of your friends and family not to accept messages or friend requests from you!
For any financial websites, including bank accounts, investment accounts, etc. you should ALWAYS have multi-factor authentication enabled!
In fact, this is so important that I am going to stop writing so you can go take care of this right now.
If you have any questions, feel free to reach out to me.