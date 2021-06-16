Q: Why is it so important to have password protection and 2FA/MFA?
A: The story may go like this:
“I received an email from Netflix that my account has been suspended. I clicked on the link and entered my login information. Nothing happened at first. Now I have charges on my credit card that I don’t recognize.”
“I received an email from Amazon that my purchase for a $2,500 widget is on its way. What? I didn’t order a widget. I clicked the link, and it needed my Microsoft email account. I entered it in, and now people are getting emails that didn’t come from me.”
“I received a call from Microsoft that my computer has been hacked. I let them on my computer, they cleaned it up and charged me $249. Now they are calling back saying the same thing and I now need to pay more.”
I know what some of you are thinking: “It won’t ever happen to me. My business is small, so they won’t target me.” I assure you that everyone is a target. Stay educated and protect yourself with a good password and enable extra security to validate the password.
It’s nothing new that there are emerging threats every day, from phishing, spam, robocalls/texts, social engineering and many other forms of attack. These attacks are getting more creative and more sophisticated. Their primary goal is typically to take your money. The reason why they continue their attacks is because they are successful in exploiting you and finding weaknesses.
I know that most of you, including me, hate to have to create and change passwords. We also hate to create extra work by setting up two-factor or multifactor authentication. It’s inconvenient and slows us down, but necessary in protecting your precious data and money.
Use a password manager that also uses 2FA/MFA.
Make sure it has features to detect when a site has been compromised since the last time you changed your password. Make sure it has a feature that tells you if your password is common or vulnerable. Allow it to generate random passwords for you.
Do not use the same password for everything.
The bad guys know that we hate passwords, so they will try to use what they know to access other areas and further exploit you. Be creative and use a small phrase and include upper case, lower case, numbers and special characters.
Be educated.
Regular notifications of emerging threats, compromised sites and breaches are important. Keep yourself and your family, employees and friends educated on threats that you see and encounter — not just the silly ones, but the ones that look extremely clever. Know how to spot a fake email. Know what to do if you accidentally gave more information then you should have.
Question and review anything that looks out of the ordinary.
Instead of clicking on a link and providing info, go directly to the site and log in to check for yourself.
