The easiest way for hackers to predict your password is through data breaches, credential reuse, and social engineering. Today, we will discuss the top 7 ways to protect your accounts from hackers. Attackers would find loopholes in their IT security and then steal account data. Users often reuse usernames and passwords on sites that allow access. Hackers can also use social engineering, including psychological or technical tricks, to gain information.
How to secure accounts or Protect Your Accounts from Hackers?
Changing your password will protect your accounts from hackers and prevent hackers from accessing your account. To secure an account from hackers, updating your account password at the first sign of an attack limits damage. Changing your password regularly also improves security. The credentials stolen in data breaches are often out of date.
Just ask former US President Donald Trump, whose Twitter password was “maga2020!”. Or Boris Johnson, who disclosed sensitive Zoom calls at the start of the pandemic in 2020. These will not protect your accounts from hackers (These world leaders will also receive specialized security training from security agencies).
All passwords you use for your online accounts must be strong and unique to secure them from hackers. This means that they should belong, include a mix of different types of characters, and should not be used on multiple websites. Your Twitter password must not be the same as your online banking password; Your home Wi-Fi network must not use the same credentials as your Amazon account.
Top 7 Ways to Protect Your Accounts from Hackers
- Turn on 2-Step Verification or Enable two-factor authentication
- Changing your password regularly
- Use a password manager
- Create strong passwords
- Keep track of which sites are vulnerable
- Use Premium Security Application
- Check if your accounts have been compromised
Turn on 2-Step Verification or Enable two-factor authentication
With 2-Step Verification (also known as Two-Factor Authentication), you add an extra layer of security to your account if your password is stolen. After you set up 2-Step Verification, you’ll sign in to your account in two steps: something you know, like your password. You have something, like your phone.
Absolutely. Once it’s set up, it only adds an extra step to sign in to your account from a new device or browser. It is always worth doing, and failing to do so can often leave you with nightmares of privacy.
Many sites now offer two-factor authentication as a security measure. You log in with your username and password and are then asked to enter a verification code, which is usually sent by text message to your phone. In theory, this makes it more difficult for hackers to get into – even if they have your password, they’ll need the text code.
Changing your password regularly
PIM recommends changing the password every 90 days (about three months). According to Theoctic, 80% of cyber security attacks involve weak or stolen passwords. Changing your password quarterly reduces your risk of exposure and avoids many IT security threats. Unfortunately, passwords are often neglected.
Most technical professionals recommend changing your password every thirty, sixty, or ninety days; Depending on what the password is used for, how often the account is accessed, and how strong the password is.
Use a password manager
It would help if you used a password manager. This will allow you to keep track of your passwords without remembering them. Some password vaults can even generate and change passwords for you in a single click and securely store other data types, such as credit card information.
If your laptop is infected with malware and you use your password manager, the malware can read every password you put there. This will increase the risk of protecting your accounts. Conversely, if you don’t use a password manager and your device is infected with malware, an attacker can steal the password you type, but not yours.
The best password managers let you know if your existing passwords are weak, reused, or shown in a data breach. These products help you improve your password hygiene by suggesting new, strong, and unique credentials for each login.
Create strong passwords
To protect your accounts, use a password of at least eight (8) or more characters (longer is better). Use a combination of uppercase letters, lowercase letters, numbers, and special characters (for example: !, @, &, %, +) in all passwords. A strong password should look like a series of random characters.
Have you ever seen those overly long lists of password guidelines? They go something like this:
- Use uppercase and lowercase letters
- use numbers
- use symbols
- use at least 8 characters
- don’t use dictionary words
- Do not use the same password twice
- Do not use personal information
An example of a strong password is “Cartoon-Duck-14-Coffee-Glvs”. It is long, contains uppercase letters, lowercase letters, numbers, and special characters. It is a unique password generated by a random password generator and is easy to remember.
Keep track of which sites are vulnerable
Vulnerabilities are tracked by their CVE (Common Vulnerabilities and Exposures) number. To protect your accounts and to help you get better informed about known vulnerabilities, here are five resources I use to improve my knowledge.
Your account can potentially be hacked anywhere, so it’s good to know which sites have been breached or data leaked. You can always do a quick Google and the site Vigilante.PW maintains a searchable directory of reported hacks and data breaches. If you find that a site you use has been compromised, it’s a good idea to change your password for that account.
Five resources where you can get better information about known vulnerabilities recommended by cybersecurity experts.
- National Institute of Standards and Technology (NIST)
- Microsoft Security Update Guide
The MITER organization, funded by the National Cyber Security Division of the Department of Homeland Security, coordinates the CVE database. This makes the link above a solid resource for up-to-date, accurate CVE information, but it can take a while to learn how to access the information you want.
National Institute of Standards and Technology (NIST)
This site is hosted by the National Institute of Standards and Technology (NIST). The link points to the NIST National Vulnerability Database (NVD) and provides access to a complete chronological list of CVEs, from newest to oldest. By drilling down, you can see that as of 7th December, we have 160 CVEs officially listed for December 2020. Going up one level on the home page offers many options, but its navigation and usage may not be as smooth as Miter’s site. Clear at first.
This link, in my opinion, provides a more user-friendly interface for CVE information. The menu on the left margin has options to quickly browse the CVEs by seller, product, date, and type. However, this site is maintained by a private security consultant and may not always be as current or accurate as the first two sites listed here.
Microsoft Security Update Guide
This link points to a list of vulnerabilities in Microsoft’s Security Update Guide, and each column can be reversely sorted to make browsing easier. She was navigating a level higher yields a list with the relevant Microsoft KB article linked to the CVE, which is very valuable regarding patching.
Although it is not formally a security vulnerability resource, the search feature is handy for finding information about Apple products. Contrary to popular belief, Apple products are still subject to vulnerability exploitation, and this resource should not be overlooked as it is a quick way to find specific information. You can enter specific criteria in the search dialog to find relevant information. For example, you can enter the search criteria iOS 9 CVE and then select About Security Content of iOS 9 CVE.
Use Premium Security Application
Viruses, ransomware, scams, and other attacks target Windows more than any operating system, so if you own a PC, the stronger your security, the better.
To protect your accounts from hackers, use Premium Security Application which scans websites for security risks on both your computer and mobile phone, so you can finally shop and bank securely online on any device. It also protects against hacked routers that use fake DNS settings to send you to fake websites.
Premium Security Application is a full-fledged suite with an antivirus, a strong firewall, secure deletion, and many bonus features. Still, if you don’t need cross-platform protection, the company’s free antivirus is more cost-effective.
Check if your accounts have been compromised
Site Have I Been Pwned? is a free resource that allows you to see if your account has been compromised (or “pwned,” an Internet term meaning dominance or ownership) in a data breach.
HIBP collects data (email addresses and usernames, not passwords) from publicly leaked breaches and aggregates it to make it easier to search its database for your email or username.
When you enter your email or username, it provides a list of breaches in which your account was found, lists the site, a summary of the incident, and data that may have been compromised.
If you find yourself “locked in,” you should change your password not only to the tampered account but to any accounts that share that password and your email account as well.