In the wake of Equifax and what seems like endless daily stories about cyber security incidents, I think it's clear that we all need to get more serious about our own personal cyber security planning. One simple, yet powerful way for you to become better protected, is to set up what's called Two Factor Authentication on as many of your online accounts as possible.
Two Factor Authentication, or 2FA, is an ugly term but it offers some beautiful protection. And the good news is, you've already used 2FA. 2FA simply means proving that you are who you say you are, with not just one, but with two separate factors. The best example from everyday life is an ATM machine. When you make a transaction at an ATM machine, you are required to have your card (Factor #1) and your PIN (Factor #2). This means you need to have something (your card) and know something (your PIN) to get your cash.
When it comes to online security, a password is only one factor. And hackers are usually quick to point out that a password itself is often not hard to crack. So while generally not the default option, you should turn on 2FA for every online account that requires a password (and almost all of them offer it by now). How it usually works is when you log on for the first time after setting up 2FA, or when logging on from a different device, the website will send a code via SMS text to your mobile phone. You'll need to enter in this code, along with your password to gain access. So you'll need to have something (your phone) and know something (your password) to prove that you are you and not a criminal.
It’s important to note that it’s usually only when you (or someone pretending to be you) logs in from a new device that the 2FA goes into action. So if you log into Gmail every day from the same phone or computer, then you won’t be required to do 2FA ever time.
2FA, while still not fully impenetrable nor foolproof, offers much greater security in guarding your online presence than just a simple password. 2FA is such a major cyber security enhancement that even the White House, under the Obama Administration, was focused on making Americans aware of it with its #TurnOn2FA campaign.
I’d suggest starting with the accounts that you access daily. For example, your email, banking, social media, and data storage/iCloud accounts. Email is an important one. If you've ever received spam from someone you know, it's most likely because they did not turn on 2FA and their account was hacked. Additionally, in financial services, fraud happens because someone's email gets hacked, the hacker learns who the financial advisor is and then starts sending requests for money via the victim’s own email address to the financial advisor. This is one of the many reasons that I always require my clients to speak to me, either over the phone or in person, to confirm any transfer requests.
If you’re a Breakwater client you’ll notice that your client portal automatically requires 2FA.
To learn more about setting up 2FA please visit www.twofactorauth.org. There you’ll find a database of web services that offer it along with step by step direction for each.
I believe that personal cyber security will continue to grow as a significant source of risk in all of our financial lives. My goal is to continue to make you aware, to educate, and to help keep you safe.
Past performance is no guarantee of future returns. Investing involves risk and possible loss of principal capital.
The views expressed in this blog post are as of the date of the posting, and are subject to change based on market and other conditions. This blog contains certain statements that may be deemed forward-looking statements. Please note that any such statements are not guarantees of any future performance and actual results or developments may differ materially from those projected.
Please note that nothing in this blog post should be construed as an offer to sell or the solicitation of an offer to purchase an interest in any security or separate account. Nothing is intended to be, and you should not consider anything to be, investment, accounting, tax or legal advice. If you would like investment, accounting, tax or legal advice, you should consult with your own financial advisors, accountants, or attorneys regarding your individual circumstances and needs. No advice may be rendered by Breakwater Financial, LLC unless a client service agreement is in place.
If you have any questions regarding this Blog Post, please Contact Us.