One of the conveniences of the digital age is the ability to get information at the click of a button. Want to know your account balance or if a payment to the power company cleared the bank? You can just log into online banking instantly.
No having to go down to the bank or wait for a monthly statement, as was the norm a couple of decades ago.
You can also do more things online that used to mean waiting in line. Like being able to order stamps or mail a package. You can now pay postage online and schedule a pickup from your front porch. So much easier!
But with the new online way of doing things also comes tons of accounts and passwords. You need to sign into everything from online banking to Amazon to MyChart to see your health records.
This means creating passwords to get into all those accounts. Passwords that can be hacked if they’re not strong enough. Passwords that could potentially get exposed if the site you’re using has a data breach.
80% of the security incidents in 2019 were the result of hacked passwords.
About 65% of people reuse passwords across several sites because let’s face it… how are you supposed to remember them all?!
This makes a hacker’s job even easier because they know they can try one hacked password on several accounts.
One of their favorite types of accounts to gain access to is online banking. It gives them direct access to your money to do a transfer to their account.
How Does a Hacker Get My Password?
There are a few different ways that criminals can get ahold of your passwords for online banking and other online accounts. These include:
Public/Unsecure Wi-Fi: If you enter one of your logins while on public Wi-Fi, a hacker can steal your information.
Major Retailer Data Breach: Through no fault of your own, you can get your password stolen if a retailer is breached (recent examples include Target and Marriott).
Fake Phishing Site: If you entered your login into a fake phishing site, your password has been stolen and most likely is for sale on the Dark Web.
Easy Password: If you have an easy-to-guess password, then it doesn’t take a lot for a hacker to gain access to your accounts.
How to Protect Your Online Accounts with MFA
Because of all the ways that a criminal can gain access to your password, it’s important to protect your accounts with an extra step. This is another authentication method a site will use to make sure you are who you say you are.
This additional step is generally called multi-factor authentication (MFA). You might also see it referred to as two-factor authentication (2FA).
MFA can stop 99.9% of fraudulent sign-in attempts by hackers, even if they have your password. This makes it a really important safeguard.
What is MFA?
When you enable multi-factor authentication, you tell the site that you don’t want it to only trust your username and password. You want it to use one more step to verify you.
This is verification is in the form of a code (similar to a PIN code you use for your debit card). Some things to know about this code:
It’s usually around 6 digits
It is generally sent via text message
It will usually expire in about 5-10 minutes after you receive it
It’s different each time you try to log in
Once you have enabled MFA on your online banking or another account, these are typically the steps you’ll take to log in:
Enter your username and password.
Click a button to send the MFA code to your mobile phone by text.
Receive MFA code by text and input it into the form on the website.
Gain access to your account.
Enabling MFA on an Account
Enabling multi-factor authentication will look slightly different on each site. But the basic steps are the same.
Here are some of the different names you may see used for this authentication process:
Multi-factor authentication
Two-factor authentication
Two-step verification
Here is an example of setting up MFA for an account on USPS.com to protect a stored payment method from potentially being used by a criminal.
Sign in and go to My Profile.
Go to Preferences.
Click Two-Factor Authentication.
Click Verify.
Enter your mobile number, then click Generate Code.
You’ll receive a code by text to the mobile number you entered. Input that code into the form on the website.
Click Validate Code. Then, check the box next to “Enable my mobile device ###-###-#### for Two-Factor Authentication.”
Now, whenever you log into that specific site, it will ask you to click to send a code to your phone (which a hacker won’t have) and you’ll enter that to gain access to your account.
Need Help Setting Up MFA Protection on Your Accounts?
CompuTara can help if you need assistance setting-up MFA for your online banking or any other online account you have. I specialize in working with seniors in the New Jersey area and beyond.
Schedule your security session today! Call me at 862-368-4893 or Email me here.
For an extra layer of security, check out MalwareBytes for your PC. I highly recommend it:
References linked to: