Securing your Digital Life: MFA, Password Managers and Risk


In security, there is always tension: a balancing act between security, convenience, and functionality. While these three often-competing interests frustrate many people, there are some simple steps that can ease the security struggle:

  • Any Multi-Factor Authentication (MFA) is better than no MFA.
  • Any password manager is better than not using one.
  • Determine your current level of risk, your risk exposure, and act in the way that best protects you.

A look at the Trio

Securing your digital life is a never-ending pursuit, but, while it can seem overwhelming at times, don’t let that prevent you from expending a little effort to make yourself a less attractive target. A data breach of one service provider is especially dangerous if you haven’t followed security best practices. These factors should provide you with a solid foundation to build upon, while also reducing your risk exposure.

#1: MULTI-FACTOR AUTHENTICATION (MFA)

With multi-factor authentication, you can add an extra layer of security to your digital life in case your password is compromised. There are many different implementations:

  • SMS Text Message – This form of multi-factor authentication involves a message being sent to a trusted phone number. The recipient is required to either interact with the text or use a one-time code to verify their identity on a site or app.
    • Benefits:
      • Ubiquitous and user-friendly.
      • No cost to implement.
    • Drawbacks:
  • Authenticator App – This authentication method uses an authenticator app that generates temporary passwords that change regularly. After entering your password, you’ll need to enter the code from your authenticator app to complete the sign-in process.
    • Benefits:
      • No cost to implement.
      • More secure than SMS text messages.
      • Access codes work offline.  No cell service or Wi-Fi is required for the codes to work.
    • Drawbacks:
      • Requires more setup and maintenance.
      • Account access could be temporarily interrupted if a device is damaged or lost.

When using an authenticator app, it is important to record the backup codes that are provided when setting up the app, just in case the phone becomes lost or stolen. Most people are more likely to lose their phone, and the MFA codes along with it, than to fall victim to a SIM swap or other MFA attack schemes.

In fact, one benefit of many MFA implementations is that if a person receives an authentication request when they are not trying to log into a site, it alerts that person that their account is under attack.

  • Passwordless – This is the most secure authentication method available. Passwordless authentication is any form of authentication that doesn’t require the user to provide a password at login. Passwordless options are achieved with the use of a hardware token.
    • Benefits:
      • Stronger security.
      • Better user experience.
    • Drawbacks:
      • Not free, due to the requirement of the hardware token.
      • Requires an extra device.
      • Not all sites have adopted passwordless technology.

There is a list of sites that support MFA; however, it is best to check the particular site that you are logging into to see if they support MFA, and what type they support.

If you upgrade or switch your mobile device, the MFA app will update, and resynchronizing the existing MFA codes is an easy process.

#2: PASSWORD MANAGER

The sole purpose of a password manager is to help you securely create, manage, and store strong passwords for each of your accounts and avoid password re-use. The main benefit of a password manager is that you need to remember only one master password to log in. Another benefit is that a password manager will also not allow you to log into a fraudulent site, since it stores the correct site URL when it is first set up.

The built-in password storage offered by the major operating systems is a fair start towards protecting online accounts; however, a third-party application offers much more functionality and benefits.
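
The stored-URL check described above, as an added example (not from the original article and not any particular product's logic): a simplified autofill decision that releases a saved login only when the page's origin matches the one recorded at setup. The vault entry, host names (reserved `.example` and `.test` names) and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"https": 443, "http": 80}

# Constructed vault entry: the URL is recorded when the login is first saved.
VAULT = [{"url": "https://accounts.bank.example/login", "username": "alice"}]


def origin(url: str):
    """Reduce a URL to (scheme, host, port), the part that identifies a site."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    # .hostname is lowercased and excludes any "user@" prefix and the port.
    host = (parts.hostname or "").rstrip(".")
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return scheme, host, port


def credentials_for(page_url: str, vault=VAULT):
    """Return the saved entry only if the page's origin matches exactly."""
    page = origin(page_url)
    if page[0] != "https":
        return None  # never fill over an unencrypted connection
    for entry in vault:
        if origin(entry["url"]) == page:
            return entry
    return None


if __name__ == "__main__":
    pages = [
        "https://accounts.bank.example/login?next=/home",       # genuine site
        "https://accounts.bank.example.signin.test/login",      # extra suffix
        "https://accounts.bamk.example/login",                  # one letter off
        "https://accounts.bank.example@phish.test/login",       # host is phish.test
        "http://accounts.bank.example/login",                   # no TLS
    ]
    for page in pages:
        entry = credentials_for(page)
        print("FILL " if entry else "BLOCK", page)
```

A person reading the address bar can miss every one of these differences; the exact comparison does not, which is why a manager that refuses to fill is itself a signal to stop and check the site.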

  • Dedicated Stand-alone Application
    • Benefits:
      • Advanced security features.
      • Cross-platform compatibility.
    • Drawbacks:
      • Not free.
      • The password management provider is a target for attack groups.

Regardless of the password manager you use, it’s important to protect your data with a strong master password.

#3: RISK EXPOSURE AND RISK APPETITE

Overall, your level of security is going to be dictated by your comfort with your online activities. Of course, you will want to protect your financial information with greater security than your social media accounts. 

If you are curious about whether your email and password were part of any known breaches, there is a free site that monitors such activity. You can enter your email address, and you will be notified of any security breaches where your email was part of the stolen information.  Many of the popular password managers also include similar services.

Security doesn’t need to be frustrating. With a little diligence, you can set yourself on a path that moves you towards a more secure digital life.


