Cybersecurity requires taking proactive steps

October is National Cybersecurity Awareness Month (NSCAM) and its goal is to raise awareness and empower everyone online to be safer, more secure and better able to protect their personal information by taking simple, actionable steps. This year NSCAM emphasizes personal accountability and the importance of taking proactive steps to enhance cybersecurity at home and in the workplace.

Occasionally databases full of stolen usernames and passwords are released by hackers for anyone to download. Upon perusing one of these databases on https://haveibeenpwned.com/, which is an online repository of email addresses and passwords that have been collected from publicly disclosed data breaches, I found my old forgotten email accounts and the correct passwords that I had made years ago. Luckily I had changed those passwords so this data was useless to a hacker. Here are some tips for protecting yourself against hackers who get ahold of stolen passwords:

1. Use two-factor authentication where possible. This is one of the best defenses against your passwords getting stolen. By setting up two-factor authentication with your phone for Facebook for example, an attacker would have to also have access to your cell phone to be able to log in. Two-factor can prevent unauthorized access to accounts when a hacker has the right password but not the user’s phone.
2. Use a password manager like LastPass or iCloud Keychain. This helps you keep track of what accounts you have, and it makes it much easier to change passwords more often, or deactivate old accounts that you don’t use. I highly recommend setting up two-factor authentication on your password manager.
3. Change old passwords and do not re-use passwords. As I shared, hackers had stolen my real passwords for several of my accounts and I had no idea. Knowing or not, I can reset passwords for my accounts periodically so if my passwords are stolen, they become useless to hackers. And although it’s tempting, it’s important to refrain from re-using a password for other accounts. If I had re-used old passwords on my current email account or my online bank account, anyone who checked out that stolen database would potentially have access to both.

Unfortunately we can’t get rid of hackers, but we can take simple but powerful steps to protect our online information. Visit https://staysafeonline.org/ for more information. If you feel that you need more protection, particularly if you own a business, seek help from a trusted security partner who can help you ensure that your online assets are properly secured.

Ariana Dow is a managed security services engineer at Hawaiian Telcom. Reach her at Ariana.dow@hawaiiantel.com.

© Honolulu Star-Advertiser

Visit this article in the Star-Advertiser