DIGITAL
fb3f038acfb63e98235180c6d7b327796a4c4848.1
fb3f038acfb63e98235180c6d7b327796a4c4848.1
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
(Continued from page 14)<br />
Some systems don’t allow spaces as special characters,<br />
so you can either use the underscore or just skip the<br />
spaces.<br />
There are certainly other ways for hackers to<br />
compromise your passwords, but by extending the<br />
length, you’ve taken yourself out of the crosshairs of a<br />
very common exploit.<br />
DEFAULT PASSWORDS<br />
When it comes to the equipment that you use, every<br />
hacker knows the default password to every device<br />
connected to the Internet. Leaving passwords at the<br />
factory default for any device you use (routers, webcams,<br />
etc.) makes it much easier for hackers to wreak havoc.<br />
LOW TECH PASSWORD MANAGEMENT<br />
Using unique longer passwords for every account<br />
makes remembering all your passwords pretty difficult, if<br />
not impossible, so finding a password manager of some<br />
sort is the key.<br />
Although there are lots of password management<br />
programs, don’t forget that a low-tech approach may be<br />
all you need.<br />
Writing down your passwords and keeping it buried<br />
somewhere in your desk is a far better option than using<br />
the same password on every account you own.<br />
The total number of “hackers” that can gain access<br />
to a physical piece of paper buried somewhere in your<br />
desk pales in comparison to the millions that know to try<br />
a compromised password everywhere.<br />
The key is to not make it obvious that the document<br />
(physical or electronic) is a list of passwords.<br />
Don’t use the word password anywhere on the<br />
document and come up with your own encryption scheme<br />
just in case someone does find it.<br />
For instance, add four random characters to the<br />
beginning of each entry so only you will know to ignore<br />
them.<br />
While this approach isn’t technically as secure as using<br />
an encrypted password management program, it’s a heck<br />
of a lot safer than using the same password everywhere<br />
and easier for non-tech savvy users to execute.<br />
TWO-FACTOR AUTHENTICATION<br />
If you assume (and you should) that at some point your<br />
passwords are going to be compromised, you need to<br />
take some steps to protect yourself so you’ll know what to<br />
do when it happens.<br />
A very powerful security tool that can thwart cyberthieves<br />
even if they get your username and password is<br />
available for just about every online account you have.<br />
It’s referred to as two-factor authentication (or two-step<br />
verification) and it refers to something you know (your<br />
password) and something you own (your smartphone).<br />
Once it’s turned on, whenever you enter your username<br />
and password from a computer or mobile device that isn’t<br />
recognized by the system, a short code will be sent to<br />
your phone to verify that it’s really you.<br />
If you don’t enter the code, it won’t let you — or a<br />
hacker that has stolen your login info — to access the<br />
account.<br />
You’ve been using two-factor authentication forever<br />
whenever you withdraw money from an ATM. You have to<br />
have your debit card (something you own) and your PIN<br />
(something you know).<br />
Imagine a debit card that didn’t require a PIN; that’s how<br />
you should view your online accounts without two-factor<br />
authentication activated.<br />
PASSWORD FRAUD ALERTS<br />
The best part of using two-factor authentication is<br />
that it automatically becomes a fraud alert system when<br />
someone has your username and password.<br />
Remember, even if a hacker acquires your username<br />
and password, they won’t be able to access your account<br />
because they don’t have your phone in their hand.<br />
Now, whenever you get a text message out of the<br />
blue saying “here’s your access code,” you’ll know that<br />
someone has acquired your username and password and<br />
is trying to use them.<br />
You’ll also know that they can’t get in without your<br />
phone, so you can simply change your password to prevent<br />
future issues.<br />
The process for setting up two-factor authentication is<br />
different for every account so a great web resource to learn<br />
how to turn it on for the web services you use is located at:<br />
https://twofactorauth.org.<br />
SECURING YOUR MOBILE DEVICES<br />
Laptops, smartphones and tablets are critically<br />
important business tools these days, but they are also<br />
extremely desirable to thieves.<br />
Mobile devices by their very nature are more likely to<br />
be lost or stolen, so you should assume that it’s going to<br />
happen and act accordingly.<br />
Make sure all your devices have access passwords to<br />
make accessing your sensitive info more difficult and install<br />
a remote tracking program so you’ll know what to do when<br />
something goes missing.<br />
A really solid (and free) option is available at https://<br />
preyproject.com and it’s much more helpful than Find My<br />
iPhone or Find My Mac.<br />
Not only can Prey locate your device, it can lock it<br />
down, take a picture of whomever is using it, along with a<br />
screenshot of whatever they are doing on your computer.<br />
Location alone is not enough for law enforcement to<br />
do anything in most cases, so the additional evidence is<br />
very helpful.<br />
There are certainly many other things that you should<br />
consider when it comes to cyber-security, but these simple<br />
steps will go a long way to protecting you against some of<br />
the most common threats. <br />
Ken Colburn is president of Data Doctors<br />
Franchise Systems, Inc. He serves as<br />
chairman of IFA’s Marketing and Technology<br />
Committee. Find him at fransocial.franchise.<br />
org.<br />
16 FRANCHISING WORLD NOVEMBER 2015
Change language