Security isn’t a simple matter of caring or spending time reading manuals or being told what you can or can’t do. Security is understanding how to view the world from a different perspective: instead of functional does it work, viewing it as how can I break it. In our personal lives, it’s how can someone misuse this? Be it our social media pictures, accounts, and so on. This is a skill that people build over time, and it’s completely appropriate to start out small. If you can do nothing else, consider the access to your accounts, professional, banking, and social media. Consider how hard a malicious actor needs to work to gain access to these. Then layer on restrictions to limit the likelihood.

What do I mean by “layering”? Consider someone looking to steal a vehicle.

  • A vehicle unlocked and parked on the street can easily be picked up in an opportunistic attack. This is how I would view an account with a poor or easily guessable password. This is because, whilst it may have a password, there are automated tools that can test a list of common passwords against it. If it is found in a breach: it may already know the password/username combination to use.
  • A vehicle that’s locked and parked on a quiet street, whilst still vulnerable, is more secure than the first. This is how I would view a secure password.
  • A vehicle that’s locked and stored in a secure garage requires knowledge and skill to steal. It also requires motivation for that specific vehicle. This is how I would view an account using a secure password and a second form of authentication.

What Is the Difference Between Two-Factor Authentication and Two-Step Verification?

To understand this, you need to understand what multi-factor is: something you (Read more...)