We hear about data breaches on a daily basis, and it's no surprise. You do not need to be a large corporation or an oligarch to fall victim to a cyberattack. By understanding what cyberattacks are, you'll be able to detect and prevent common cyberattacks and protect your devices and online accounts from hackers.
When COVID-19 was first discovered in 2019, most people thought their lives would remain unaffected by the outbreak, which eventually turned into a pandemic. Fast-forward to 2021 and most people that could work from home are doing so, and it is staying for the long haul.
The perks of working from home are numerous. You can roll out of bed in your pj’s and still make it on time for the Monday 9 am meeting. Having the comfort of your own home, avoiding the commute, saving money on those office lunches because you forgot your packed lunch…. I could go on. It’s not all perks though, as there are always thieves and scammers on the lookout and with most workers using their own devices and laptops, cybersecurity could range from financially devastating to easily avoidable.
We've recently heard that about a half-billion Facebook accounts were breached, and posted on hacker's forum for anyone to grab. We often hear the world's largest companies were hacked, and our personal data are leaked. A website like HaveIBeenPwned search data breaches, and tells you if your email or phone number has been pwned. It's not your fault that your personal data has been breached, but you'll be the next victim of identity theft if you don't protect yourself.
Ever since we began using computer systems, we are all accustomed to username and password pair to protect our accounts whether that is a computer, bank account, smartphone, or personal email. We also know that password is not the most secure authentication method available today, and there are so many hacks and data breaches that threaten our security. Username and Password are purely based on what the user knows, and this knowledge can be stolen or breached which is a big concern for account security.
We've learned that SSID is the network name, and we use this name to know which wireless network we're connecting to. If you've established a connection previously, your computers and smart devices have saved the password in some location for later use. Next time you need a wireless connection, the device will automatically connect to the network it has connected to before. If you can't recall the WiFi password of your router, there are ways to find the password as they are stored in your Windows, macOS, and smartphones.
Burte force attack is a method used to guess username and password combination continuously until the valid login is discovered. Hackers use password cracking software to guess all possible passwords for a known username to gain access to the target system.
The YubiKey is a hardware device that generates passcodes for 2-factor authentication (2FA). It is not a password manager and does not store username/password pairs for your online accounts. It is a pure 2FA device that generates HMAC-based One Time Passwords (HOTP) and Time-based One Time Passwords (TOTP) that you can plug (or NFC) into your smart device. The YubiKey is recognized as a human interface device (HID) and delivers password as if the keystrokes are coming from a keyboard.
Microsoft lagging behind Google and Apple on browser war, and also fell behind on the password manager debut. Microsoft finally completed its password manager beta testing, and officially released Autofill password manager that utilizes Microsoft Authenticator. This is good news for Edge users, but Chrome users on the Mac, Windows, iOS, and Android can also benefit from it. We all know creating strong passwords for online accounts is a hassle, and remembering them is even worse. More free tools like Autofill will help online users from steering away from using weak passwords and reusing the same password for multiple accounts.
Google password manager is built into the Chrome web browser, and it interacts with the web forms automatically if you're using the Chrome browser. The first time you submit a login form, the Chrome browser will prompt if you want to store the username and password pair in a vault on your computer, and whether you want to sync them to the cloud on your Google account. The next time you visit the same site, once you enter the username portion of the form Google Chrome will auto-populate the password field. If you sync your passwords with your Google account, all the passwords are available on every device you use as long as you use Google Chrome and sign onto your Google account.
Apple's iCloud keychain is a password manager for macOS and iOS devices including Macs, iPhones, and iPads. Username/password pairs, credit card information, Wi-Fi credentials, and other personal data can be stored in iCloud, and shared amongst all of your Apple devices. Your personal data are encrypted with 256-bit AES, and saved in your iCloud, and transferred to and from iCloud to your devices encrypted so it is very secure. The data stored in your keychain can be accessed through Safari, and some third-party Apple apps but not with Google Chrome, unfortunately.
2FA (2-factor authentication) is a form of MFA where a user is required to supply 2-forms of authentication to allowed access to the system. The traditional authentication system (or single-factor authentication) used the username/password pair to grant access to an account, but with a growing number of hacking due to the use of weak passwords prompts industry to offer an additional form of authentication to enhance the security of login access.
Web browsers today offer a built-in password manager, and auto-populate username and password on the websites you visit. This is a very convenient feature offered by virtually all web browser makers including Google Chrome, Safari, Firefox, and Microsoft Edge. The question is whether you can trust browser password managers to store your passwords without a security risk.
Multi-factor authentication also commonly known as MFA is an authentication process where more than one authentication mechanism is incorporated. A common implementation of MFA is the 2FA, which stands for 2-factor authentication. In a 2FA, two different authentication mechanisms are combined to successfully authenticate a user.
© 2006 - 2021, Brand Media, Inc. All rights reserved.
