It is common to see hackers attacking companies and government agencies whose computer systems and exposing the personal data of millions of people. It is nearly impossible to keep personal information safe from hackers. With that depressing knowledge in hand, there are a few steps consumers can take to make it harder for hackers to exploit your data.
1. Turn on multifactor authentication.
If a service offers added security features like multifactor authentication, turn them on. When you enter your password, you will receive a message, usually via text, with a one-time code that you must enter before you can log in.
Most banking sites and popular sites like Google, Apple and Twitter offer two-factor authentication, and will ask for a second one-time code anytime you log in from a new computer.
2. Change your passwords again.
Yes, you need to change passwords again and they have to be passwords you have never used before. They need to be long and not words you would find in a dictionary. The first thing hackers do when trying to break into a site is use computer programs that can test every word in the dictionary.
It may sound counterintuitive, but the truly paranoid write down their passwords.
Security experts advise creating anagrams based on song lyrics, movie quotations or sayings, and using symbols or numbers and alternating lower and upper cases to make the password more difficult.
Use stronger, longer passwords for sites that contain the most critical information, like bank or email accounts.
3. Forget about security questions.
Sites will often use security questions such as “What was the name of your first school?” or “What is your mother’s maiden name?” to recover a user’s account if the password is forgotten.
These questions are problematic because the Internet has made public record searches a snap and the answers are usually easy to guess.
In a recent study, security researchers at Google found that with a single guess, an attacker would have a 19.7 percent chance of duplicating an English-speaking user’s answer to the question, “What is your favourite food?” (It was pizza.)
With 10 tries, an attacker would have a 39 percent chance of guessing a Korean-speaking user’s answer to the question, “What is your city of birth?” and a 43 percent chance of guessing the favourite food.
4. Monitor your credit.
Typically a service will offer one year of free credit monitoring if it has been breached. But be aware that attackers do not dispose of your Social Security number, birth date or password a year after they acquire it.
It is better to monitor your credit aggressively at all times through free services like AnnualCreditReport.com.
5. Freeze your credit.
In the attack at the IRS, a credit freeze may not have thwarted thieves from filing for false tax refunds, but it could have stopped them from pulling tax transcripts or opening other accounts.
To freeze your credit, call Equifax, Experian or TransUnion and ask to have your account frozen. The credit agency will mail a one-time PIN or password to unfreeze your account later.
Published 02 August 2015, 16:34 IST