This year, National Cyber Security Awareness Month (NCSAM) comes on the heels of one of the most devastating cybersecurity breaches in history, which exposed Social Security numbers and other important consumer data belonging to about half the U.S. population. In an age where the volume of breached data has increased more than eightfold in the past five years alone, the basic cybersecurity tips that consumers have relied on in the past aren’t necessarily the best ways to stay afloat in the modern threat landscape.

Five Outside-the-Box Cybersecurity Tips to Protect Your Accounts From Modern Threats

In the wake of countless major security breaches, many of the checkpoints commonly used to prove our digital identities, such as Social Security numbers, email addresses, passwords and personal facts, are now in the hands of fraudsters, meaning they are no longer a valid way to confirm who we are online.

Consumers should consider the following cybersecurity tips to get ahead of the modern threat landscape, taking into account new guidance around passwords as well as outside-the-box advice that that can help people cope in an age where personal data is no longer private.

1. The Ideal Password Is a Long, Nonsensical Phrase

While the death of the password has been long predicted, they’re currently a core method of access for most systems and must be created with care. While the rule of thumb for passwords in the past has focused on complexity, with at least eight characters combining letters, numbers and special characters, recent guidance suggested that longer passphrases — several unrelated words tied together, made up of at least 20 characters — are actually harder to crack and easier to remember.

2. Store Passwords in a Digital Vault

Reusing passwords is one of the worst things you can do because if one gets compromised, an attacker can access your other accounts as well. But memorizing a different password for each account is virtually impossible, which is why 81 to 87 percent of people reuse passwords in the first place.

Rather than try to memorize multiple passwords or store them insecurely on your phone notepad, use a password manager, which acts as a vault for existing passwords and can also generate stronger passwords for you. Instead of managing dozens of passwords on your own, you’ll just have to remember the one key to your digital vault.

3. Lie on Your Security Questions

Many account security questions ask about information that could easily be found online, such as former addresses, your mother’s maiden name, etc. Consider either selecting questions that are opinion-based, such as your favorite color or movie, or even using fake answers for these questions to ensure that only you would know the answer.

4. Double Dip on Security Checkpoints

Many services nowadays, particularly sensitive accounts such as email and banking, allow for two-factor authentication (2FA), which adds an extra security checkpoint when certain risk factors are present, such as logging in from a new location or device. Determine which accounts are at risk and add an extra login step to avoid a single point of failure.

The most popular example is a short message service (SMS) text sent to your phone at login that asks you to enter a one-time code to access the account. However, the second factor can be anything from an email to a phone call, an extra question or a hardware token generator that stands alone and produces time-based codes. The most effective measure depends on your service provider, but you can also use your own judgment to secure your accounts.

5. Get Down With Biometrics

Even if we apply the best practices above, we’re quickly approaching a future in which the use of passwords to establish identity isn’t enough. Biometric authentication uses physical and behavioral characteristics, such as fingerprints, as a means of protection. At the same time, experts have devised ways to make sure this data is collected and applied in a manner that protects consumers and prevents cybercriminals from hijacking it.

Consider using the fingerprint option to unlock your mobile device and back it up with a lock code. Some providers are using voice signatures, and others are employing facial recognition. The race to replace the password is on, and adopting these new methods can help test and enhance them over time to make your digital identity more secure.

A Vast Playing Field for Fraudsters

The internet, our identities and the methods we use to protect ourselves online have evolved considerably in the past decade. Almost everyone has a digital identity nowadays — nearly 90 percent of U.S. residents were internet users in 2016 — so attackers have a vast playing field. Learning to outsmart the bad guys can go a long way toward shifting the dial on safeguarding our identities in an era in which our data is no longer as private as we’d like it to be.

Read the Report: Detecting digital identity fraud with IBM Trusteer

More from Endpoint

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today