Are Your Passwords and Security Questions Hacker-Proof?
posted Apr 18, 2016 by KLR in the Business Blog
In light of the recent cyberattack on the IRS “Get Transcript” site, cybersecurity awareness is more important than ever before. Cybercriminals hacked hundreds of thousands of accounts in this breach by scanning the internet for information on victims, which they were able to find with startling ease. If your passwords and security questions are not unique, you and your business will be at risk for cyberattacks.
Tips for your security questions
Passwords are usually required to have a certain number of characters, upper and lower case letters, numbers and symbols, but make sure your answers to security questions are just as strong. Make sure your questions:
- Have answers that, for YOU, are easy to remember, simple and do not change over time
- Have many possible answers for those who do not know you
- Have answers that are unique enough to not be found by data mining (e.g. ‘What was your childhood nickname?’ or ‘Where were you on your birthday in 2000?’)
- Some people choose to answer basic questions with a cryptic answer to make sure their accounts will not be hacked. For example, to answer the seemingly simple question, “Where did you grow up?” you would respond with “123SumBosMas021”, using the first three letters of the street, city, and state, and the first three digits of the zip code, instead of “123 Summit Street, Boston MA 02110”.
- Others have found that incorrect responses to security questions are the way to go. For example, for the “Where did you grow up?” question, some suggest answering with a completely incorrect street address, one that doesn’t even exist in your hometown.
Just make sure you keep a log of complicated answers like these, as they might be tough to remember.
Review your online presence periodically
Beyond ensuring that your security questions are indeed secure, make sure you review your accounts and passwords every so often. We suggest you:
- Cleanse your personal data from the internet - Be careful with social media.
- Test your passwords - Though it might seem silly, googling your passwords is a good way of making sure they are unique. Hackers will often employ software that attempts many passwords and searches for dictionary words or popular number sequences!
- Never use the same password for two different accounts - It will only take hackers minutes to penetrate all your accounts if you use the same password for everything!
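The last two tips can also be checked offline, so the passwords never leave your machine. The script below is an added example, not part of the original post: it flags reused passwords, dictionary words (after undoing common character substitutions) and number or keyboard sequences. The word list, the sequences and the sample accounts are constructed for illustration.

```python
import re

# Constructed word list and sequences; a real check would load a larger dictionary.
COMMON_WORDS = {"password", "summer", "boston", "welcome", "dragon"}
SEQUENCES = ("0123456789", "9876543210", "qwertyuiop", "abcdefghijklmnopqrstuvwxyz")
# Undo common character substitutions (0 -> o, @ -> a, ...) before the word check.
DELEET = str.maketrans("0134579@$!", "oieastgasi")


def has_sequence(password, run=4):
    """True if the password contains a run of `run` characters from a known
    sequence (1234, qwer, ...) or one character repeated `run` times."""
    low = password.lower()
    for seq in SEQUENCES:
        if any(seq[i:i + run] in low for i in range(len(seq) - run + 1)):
            return True
    return re.search(r"(.)\1{%d,}" % (run - 1), low) is not None


def has_dictionary_word(password):
    """True if a common word survives after undoing substitutions."""
    letters = re.sub(r"[^a-z]", "", password.lower().translate(DELEET))
    return any(word in letters for word in COMMON_WORDS)


def audit(accounts):
    """Map each account name to a list of findings for its password."""
    first_use = {}  # password -> first account seen using it
    report = {}
    for name, password in accounts.items():
        issues = []
        if password in first_use:
            issues.append("reused (same as %s)" % first_use[password])
        else:
            first_use[password] = name
        if has_dictionary_word(password):
            issues.append("dictionary word")
        if has_sequence(password):
            issues.append("number or keyboard sequence")
        report[name] = issues
    return report


if __name__ == "__main__":
    # Constructed sample accounts and passwords, for illustration only.
    sample = {"bank": "Summer2016!", "email": "Summer2016!",
              "payroll": "P@ssw0rd1234", "tax": "vT9#qLm2&xRw8Zk"}
    for account, issues in audit(sample).items():
        print(account, "->", ", ".join(issues) or "no findings")
```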
Keep in mind that password safety is only one part of cybersecurity. Be sure to maintain a safe online presence and install all anti-virus software offered by your place of work, too. Make a conscious effort to ensure that your account is secured by “out of wallet” questions, which even the smartest hacker will not be able to crack.