Why Cyber Hygiene Matters and How to Improve Yours
A few weeks ago, my wife received a notification from X, formerly known as Twitter. An unknown individual had accessed her Twitter account. Thankfully, she had me, so I quickly helped her take her account back. We reset her password and developed a stronger one, and from there, we continued locking the account down by enabling MFA.
The incident ended there, but I had a lot of thoughts that night about how they accessed her account. Was my wife sloppy with cybersecurity? Had they phished her credentials? It is simpler than that, and today, I will walk you through the incident and discuss how we can prevent these things.
The Importance of Cyber Hygiene: Understanding Why It Matters
Everything you do online leaves a trace. Every account you create requires a password. Passwords accumulate, so you need to store them somewhere. A lot of people use password managers, but sometimes we forget about them. Convenience prevails, and we end up reusing passwords.
Let’s not forget that we tend to ignore the accounts we created and the services we used. Forgotten accounts tend to come back to our lives in the form of a hack where your data gets dumped on the Dark Web. From there, attackers can quickly try to see if your password for Google also works for Facebook and so on. I mentioned convenience before, and from experience, attackers tend to succeed a lot due to our sloppiness.
The last piece of the puzzle is the need for MFA use. We could prevent many cyber-attacks if we used available MFA options. What is MFA? MFA stands for Multi-Factor Authentication. It’s a security process that requires the user to provide an additional authentication factor before accessing a system. More and more services and apps are adopting it, so it would be silly not to use it, yet people tend to ignore it.
A lack of password management, skipping account closures, and missing MFA are all bad cyber hygiene. We can flip these bad habits by following the best practices I will provide in the second part of this story.
Best Practices for Cyber Hygiene
What could we do to protect ourselves and have good cyber hygiene? We will start with a password manager. I do not endorse any product, but the space has many good ones to help you with passwords. The critical practice is creating random passwords for each service and never reusing the same password.
Regarding accounts, my strategy is to follow a lifecycle. I create an account for a service, use it, and then retire it. I go to great lengths to close or deactivate my accounts. I do that because the fewer accounts are floating around, the less likely it is that your data ends up in some big data dump.
I use MFA anywhere I can, and I highly recommend it to you as well. Start with the most critical accounts that you would like to protect. Get a few YubiKeys or use an MFA app. You will be thankful for simple advice that will pay off in the long term.
Even if a hacker breaks into one of your accounts and steals your passwords, having MFA enabled will prevent an account takeover, because the password alone is no longer enough to log in.
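The three habits above (no reused passwords, retiring unused accounts, MFA everywhere) can be checked in one pass over a password manager export. The script below is an added example, not part of the original article; the CSV column names, the one-year staleness threshold, and the sample rows are all assumptions constructed for illustration.

```python
import csv
import hashlib
import hmac
import io
import secrets
import string
from collections import defaultdict
from datetime import date

# Constructed sample of a password-manager CSV export (column names are assumptions).
SAMPLE_EXPORT = """service,username,password,mfa_enabled,last_used
x.com,alice,Summer2019!,no,2024-05-01
oldforum.example,alice,Summer2019!,no,2017-03-12
bank.example,alice,t9#Lq2v!xR8mZp4w,yes,2024-05-20
shop.example,alice,Summer2019!,yes,2023-11-02
"""
STALE_AFTER_DAYS = 365  # assumption: unused for a year means "retire it"


def audit(export_text, today):
    """Return (reuse_groups, no_mfa, stale) as sorted lists of service names."""
    key = secrets.token_bytes(32)  # per-run key: digests are useless outside this run
    by_digest = defaultdict(list)
    no_mfa, stale = [], []
    for row in csv.DictReader(io.StringIO(export_text)):
        # Group by keyed digest so plaintext passwords are never stored or printed.
        digest = hmac.new(key, row["password"].encode(), hashlib.sha256).digest()
        by_digest[digest].append(row["service"])
        if row["mfa_enabled"].strip().lower() != "yes":
            no_mfa.append(row["service"])
        if (today - date.fromisoformat(row["last_used"])).days > STALE_AFTER_DAYS:
            stale.append(row["service"])
    reused = sorted(sorted(group) for group in by_digest.values() if len(group) > 1)
    return reused, sorted(no_mfa), sorted(stale)


def new_password(length=20):
    """Random replacement password drawn from the OS CSPRNG."""
    alphabet = string.ascii_letters + string.digits + "!#$%&*+-=?@_"
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    reused, no_mfa, stale = audit(SAMPLE_EXPORT, date(2024, 6, 1))
    print("Same password shared by:", reused)
    print("MFA not enabled on:", no_mfa)
    print("Unused for over a year (close these):", stale)
    print("Example replacement password:", new_password())
```

Delete the export file once the audit is done, since it holds every password in plaintext.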
Conclusion
Armed with these simple tips, you will have a fighting chance against hackers. I quickly figured out what happened regarding the Twitter hacking story. She had a few accounts that were part of recent data breaches. The hacker reused the password, and all it took was for someone to try it on her Twitter account. I am glad that we quickly spotted someone doing that. This article is a good story and a call to action for people who neglect cyber hygiene. It is your chance to do it better. Make it count!