Episode 6

Published on: 29th Aug 2023
Ep6: Securing Your Online Accounts

In this episode of Byte Sized Security, host Marc David dives deep on best practices for locking down your online accounts, including:

  • Creating strong, unique passwords - Using passphrases, password managers, proper length and complexity
  • Enabling multi-factor authentication - Using authenticator apps, security keys, SMS codes, and other factors
  • Securing MFA backup codes - Storing offline, not on your computer
  • Using advanced authentication options - Like biometrics and video selfie verification when available
  • Monitoring account activity - Setting up alerts for suspicious logins, transactions, and changes
  • Revoking unnecessary third-party account access
  • Turning on enhanced security settings - Like fraud monitoring and access restrictions
  • Responding to account breaches - Changing passwords, contacting companies, freezing credit
  • Maintaining good account hygiene - Signing out, updating credentials periodically, deleting unused accounts

For full episode recaps, subscribe to Byte Sized Security wherever you get your podcasts or visit bytesizedsecurity.show. See you next time!

---

I do hope you enjoyed this episode of the podcast. Here's some helpful resources including any sites that were mentioned in this episode.


Transcript

Marc:

Welcome back to another edition of Byte Sized Security, the podcast sharing bite-sized cybersecurity lessons.

With new account breaches happening constantly, it's clear that relying on weak, reused passwords alone is no longer enough to protect our digital lives. That's why in this episode, I'll be diving deep on best practices for securing your critical online accounts. I'll explore the elements of strong passwords, using unique passwords for each account, proper password storage, and cutting-edge authentication methods beyond passwords. I'll also provide tips on monitoring account activity, handling breaches, and overall account hygiene habits. If you want to lock down your online accounts to reduce your risk of cybercrime, phishing, and identity theft, this episode is for you.

Your online accounts are the gateway to your digital life, containing everything from financial data to personal communications to identity information. That's why the accounts themselves, and the ways you secure them, should be one of your top priorities for boosting your cyber protection.

I'll start with some key tips for creating strong, unique passwords for every account, since your password is still typically the first line of defense preventing intruders from accessing an account.

First, length matters when it comes to security. Use passwords of at least 12 to 14 characters, or ideally even longer passphrases of 20+ characters. Longer passwords are exponentially harder for hackers to crack. Include a random mix of uppercase and lowercase letters, numbers, and special symbols. Avoid dictionary words or personal info that could be uncovered. And definitely don't use the same password across multiple accounts, as breaches often compromise passwords to many sites.

Ethan, can you explain the concept of password re-use?

Ethan:

Sure Marc. You know that e-mail password you do not care if somebody knows because it's just for spam e-mail? Well did you use that password on a site you do care about? Password re-use is how one site's password gets compromised and that's input into a program that tries that email and password combination on thousands of websites. Next thing you know, somebody is getting free Uber rides on your account.

Marc:

To aid in remembering complex unique passwords, use passphrases: long passwords built from multiple words, like "CrazyCat&HatFly4Ever". This makes it easier to recall but still secure against guessing. You can also use a password manager app like 1Password or Bitwarden to securely generate and store strong, randomized passwords for each account rather than manually creating them. Just be sure to use a very strong master password for the manager itself.

Now let's discuss multi-factor authentication, which adds a second layer of identity verification beyond just a password. Options include SMS codes, authenticator apps, security keys, or biometrics like fingerprint or facial recognition. In case you missed it, Episode 2 of Byte Sized Security, named "Securing logins with two-factor authentication," covered this topic in depth.

Multi-factor authentication blocks access to accounts even if the password is compromised. So it's absolutely critical to enable on any sensitive logins, especially email, financial services, cryptocurrency, and accounts storing personal information. Authenticator apps that generate 6-digit time-based one-time codes are generally the most secure and convenient multi-factor method, though security keys you physically plug in provide the strongest protection. Enable multiple factors on as many logins as you can.

Of course, you'll want to store any backup codes needed for multi-factor recovery in a very secure place, not on your computer. And take care not to have your primary and secondary factors ever compromised together, or that defeats MFA's purpose. A cybercriminal needs to only circumvent your weakest security layer to gain access.

One potential drawback of physical hardware tokens is some compatibility issues. Not all online services support hardware tokens, so you might still have to rely on other two-factor authentication methods for some accounts. But hardware tokens do offer enhanced security. Hardware tokens are immune to many common attacks such as phishing, man-in-the-middle, and replay attacks. Since the token is a physical device, attackers cannot easily duplicate or intercept the authentication code. While hardware authentication tokens offer robust security benefits, they come with their own set of challenges. The decision to use them should be based on individual needs, the value of the data or accounts being protected, and personal preferences. There is a link in the show notes to how to figure out your own personal threat model.

For your most high-value accounts like banks or cryptocurrency exchanges, explore any advanced authentication options offered beyond standard multi-factor. For example, some financial institutions allow using biometrics or video selfie verification when accessing accounts, adding further identity proofing.

And there is the concept of passwordless logins, which eliminate the need for users to enter a password. Instead, they rely on something the user has, like a mobile device, or something the user is, like a fingerprint. Solutions like 1Password offer this by sending a secure link to a registered email or device, or using biometric authentication. But it may not be accepted on every site, where two-factor authentication is more standard. In either case, you will probably need a trusted device to authorize the request, like your phone.

Using an authenticator app is just as easy and familiar and serves a similar purpose. Most authenticator apps, like Authy, will allow you to set a different PIN or use biometrics to open the app to use the 6-digit code being asked for, for enhanced security. So even if somebody has your phone and it is unlocked, they would still need a PIN or biometrics to open the authenticator app to get the code.

Now I'll touch on a few other important account security habits beyond your login credentials:

Carefully monitor account activity for any unauthorized access attempts, transactions, or changes to account details. Many services let you set up alerts for suspicious activity.

Be cautious of third-party apps and sites requiring your login credentials. Only provide them to reputable services, not random websites. And revoke access once no longer needed.

When available, enable the highest account security settings, like fraud monitoring, restricting account access locations, and mandatory strong authentication.

If you do have an account compromised, respond quickly. Change your password immediately and enable multi-factor authentication if not already on. Contact the company to secure the account and assess damage. Scan devices for malware. And place fraud alerts with credit bureaus if personal data was exposed.

Lastly, maintain overall good account hygiene habits. Sign out of accounts after using services. Change passwords if breached or you have reason to be suspicious. Delete old unused accounts lingering online. And make sure your email, phone and security options are kept current on accounts.

Applying all these security layers will greatly reduce the risk of your credentials being your cyber Achilles heel. Enabling multi-factor authentication and using strong, unique passwords remain two of the most impactful steps you can take to lock down your digital kingdom.

I know that's a lot of account security ground we covered today. But staying vigilant over your online logins is one of the wisest investments of time you can make to protect your data and identity. I hope these tips give you a blueprint to significantly harden your defenses.

In the show notes, I will link to a resource where you can quickly, easily and for free, lock your credit. This simple thing that almost nobody does will stop thieves from getting loans and credit authorizations in your name. Identity theft is real and really difficult to unravel. By locking your credit, you can make it harder for your identity to be stolen, and you do not have to subscribe to a monthly service to do this. It is free and easy to do. Again, check the show notes for a step-by-step how-to guide to easily lock your credit at the major credit bureaus.

That wraps up this episode of Byte Sized Security focused on properly securing your critical online accounts. Enable multi-factor authentication, use strong unique passwords and password managers, monitor activity, and maintain good account hygiene. Account security should be the cornerstone of your overall cyber protection strategy. And be sure to check the show notes of this podcast for helpful resources specific to securing your online accounts.

Until next time, stay safe in the digital world!

Support the Podcast with a Tip

If you're enjoying Byte-Sized Security and finding these practical tips useful, please consider supporting the podcast with a small contribution. It costs $17 per month just to cover podcast hosting fees, and your support helps offset the costs of producing this security resource and keeping episodes free. Even a tip of $1-5 per month from loyal listeners adds up and allows me to continue providing great cybersecurity info. Please consider a donation. I appreciate you helping sustain Byte-Sized Security! Now back to the security tips.

About the Podcast

Byte Sized Security
Snackable advice on cyber security best practices tailored for professionals on the go
In a world where cyberattacks are becoming more commonplace, we all need to be vigilant about protecting our digital lives, whether at home or at work. Byte Sized Security is the podcast that provides snackable advice on cybersecurity best practices tailored for professionals on the go.

Hosted by information security expert, Marc David, each 15-20 minute episode provides actionable guidance to help listeners safeguard their devices, data, and organizations against online threats. With new episodes released every Monday, Byte Sized Security covers topics like social engineering, password management, multi-factor authentication, security awareness training, regulatory compliance, incident response, and more.

Whether you're an IT professional, small business owner, developer, or just someone interested in learning more about cybersecurity, Byte Sized Security is the quick, easy way to pick up useful tips and insights you can immediately put into practice. The clear, jargon-free advice is perfect for listening on your commute, during a lunch break, or working out.

Visit bytesizedsecurity.com to access episodes and show notes with key takeaways and links to useful resources mentioned in each episode. Don't let cybercriminals catch you off guard - get smart, fast with Byte Sized Security! Tune in to boost your cybersecurity knowledge and help secure your part of cyberspace.

About your host

Marc David

Marc David is a Certified Information Systems Security Professional (CISSP) and the host of the cybersecurity podcast, Byte-Sized Security. He has over 15 years of experience in the information security field, specializing in network security, cloud security, and security awareness training. Marc is an engaging speaker and teacher with a passion for demystifying complex security topics. He got his start in security as a software developer for encrypted messaging platforms. Over his career, Marc has held security leadership roles at tech companies like Radius Networks and Vanco Payment Solutions. He now runs his own cybersecurity consulting and training firm helping businesses and individuals implement practical security controls. When he’s not hosting his popular security podcast, you can find Marc speaking at industry conferences or volunteering to teach kids cyber safety. Marc lives with his family outside of Boston where he also enjoys running, reading, and hiking.