Your Digital Identity
Identity. Comprised of everything associated with your physical being: height, weight, hairstyle and color, voice, even where you live. You do everything in your power to protect this identity. From exercising and eating right, using alarm systems to purchasing insurance. Your physical identity has always been the way for others to validate your existence. But what about your other identity? Your online identity.
Cybercriminals and others can often find personal information about you and your family online.
Have you been notified by a family member that your email account has sent out SPAM? Was your credit card used to purchase products online and had them shipped to an unfamiliar location? Did your Facebook account start contacting friends and relatives, asking them to send you money because you are stranded overseas? These are all signs that your online identity has been stolen. Once someone assumes your online existence, they become you in the virtual world. This makes it extremely difficult for your family members, friends and co-workers to tell the difference.
There are many services and techniques which you can use to protect your online identity. I am not talking about the companies that charge a monthly fee for credit monitoring. These techniques and services can be utilized in your daily life. These include proper online account management, privacy and security, and what to watch out for in electronic communications.
Password managers and the use of multifactor authentication are essential tools for increasing the security of your online identity. Every online service you use normally requires credentials to login. As websites are maintained by different organizations, with different views of security, one must exercise good judgment when entering sensitive information and the passwords used to protect that information. Password managers such as LastPass or KeePass store your credentials separate from the web browser and in an encrypted format. That way you are able to keep track of each unique password and it is protected from hackers. Using a unique password for every website is one way of safeguarding your information. In the event your credentials are compromised on one website, those credentials cannot be used to log into other websites.
Many organizations are beginning to support the use of multifactor authentication. Multifactor authentication is categorized as, “something you have and something you know.” You may use a form of multifactor authentication every day and not realize it. When purchasing goods, or withdrawing money from an ATM, a debit card is used and requires the physical card (something you have) and it’s PIN (something you know). With online accounts, a username and password is paired with a randomized 6-digit code. That way, if your credentials are stolen for a particular website, they still are unable to log in as the attacker does not have the randomized code. Companies have a variety of ways in offering multifactor authentication to their customers. Social media services like Twitter and LinkedIn offer multifactor authentication through text messages to a validated cell phone number. Facebook utilizes its own smartphone application in order to provide this additional step of authentication. Online services such as Google, Amazon and Microsoft provide QR codes, which will configure third-party multifactor authentication services such as Duo Security.
Social media websites such as Facebook, LinkedIn and Twitter are a great way for sharing pictures and keeping in contact with friends and family. They are also a great way for someone to get information on you that you may not want others to know. A mother’s maiden name is one of the most asked questions for password resets on websites. A malicious person only has to look so far as to your online profile to figure out what that name is. Other questions such as a pet’s name, place of employment or your favorite movie can be found through sharing information on social media. Entering incorrect information into the questions for password resets is an additional way of protecting your account. Fake information, when kept secret, is only known by you which makes it difficult for an attacker to find online. Have a hard time remembering how you answered a security question to a particular site? Place that information into your password manager.
With more and more adoption of online services, your online identity is becoming as important, if not more important, than your physical identity. While adding unique per site passwords and multifactor authentication are just a few of the techniques to protect your online identity, there are many additional ways to safeguard yourself online. Take time to read through the company’s privacy and security agreement policies along with their user guides to get more information.