{"id":421899,"date":"2022-03-26T16:00:46","date_gmt":"2022-03-26T13:00:46","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/you-need-to-protect-yourself-review-geek\/"},"modified":"2022-03-26T16:00:46","modified_gmt":"2022-03-26T13:00:46","slug":"you-need-to-protect-yourself-review-geek","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/","title":{"rendered":"#You Need to Protect Yourself \u2013 Review Geek"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2827797d566\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2827797d566\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#%E2%80%9CYou_Need_to_Protect_Yourself_%E2%80%93_Review_Geek%E2%80%9D\" >&#8220;You Need to Protect Yourself \u2013 Review Geek&#8221;<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#Companies_Already_Seeing_Mass_Hacks\" >Companies Already Seeing Mass Hacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#Retaliation_Hacks_are_a_Forgone_Conclusion\" >Retaliation Hacks are a Forgone Conclusion<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#Protect_Yourself_Now_Before_Its_Too_Late\" >Protect Yourself Now, Before It\u2019s Too Late<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#Start_Using_a_Password_Manager_Now\" >Start Using a Password Manager Now<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#Enable_Two-Factor_Authentication_Everywhere_Possible\" >Enable Two-Factor Authentication Everywhere Possible<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#Hardware_Security_Keys_Are_an_Option_To_Consider\" >Hardware Security Keys Are an Option To Consider<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#What_is_a_USB_Security_Key_and_Should_You_Use_One\" >What is a USB Security Key, and Should You Use One?<\/a><ul class='ez-toc-list-level-5' ><li class='ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#Yubico_%E2%80%93_YubiKey_5_NFC_%E2%80%93_Two_Factor_Authentication_USB_and_NFC_Security_Key_Fits_USB-A_Ports_and_Works_with_Supported_NFC_Mobile_Devices_%E2%80%93_Protect_Your_Online_Accounts_with_More_Than_a_Password\" >Yubico &#8211; YubiKey 5 NFC &#8211; Two Factor Authentication USB and NFC Security Key, Fits USB-A Ports and Works with Supported NFC Mobile Devices &#8211; Protect Your Online Accounts with More Than a Password<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#FIDO_U2F_Security_Key_Thetis_Aluminum_Folding_Design_Universal_Two_Factor_Authentication_USB_Type_A_for_Extra_Protection_in_WindowsLinuxMac_OS_Gmail_Facebook_Dropbox_SalesForce_GitHub\" >FIDO U2F Security Key, Thetis [Aluminum Folding Design] Universal Two Factor Authentication USB (Type A) for Extra Protection in Windows\/Linux\/Mac OS, Gmail, Facebook, Dropbox, SalesForce, GitHub<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#Limit_Your_Information_Whenever_Possible\" >Limit Your Information Whenever Possible<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/buradabiliyorum.com\/en\/you-need-to-protect-yourself-review-geek\/#View_Every_Phone_Call_Email_and_Link_With_Skepticism\" >View Every Phone Call, Email, and Link With Skepticism<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CYou_Need_to_Protect_Yourself_%E2%80%93_Review_Geek%E2%80%9D\"><\/span>&#8220;You Need to Protect Yourself \u2013 Review Geek&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div id=\"article-content-area\">\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage size-full wp-image-113351\" data-pagespeed-lazy-srcset=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2022\/03\/ccc2a872.png?width=400 400w, https:\/\/www.reviewgeek.com\/p\/uploads\/2022\/03\/ccc2a872.png?width=1200 1200w\" sizes=\"auto, 400w, 1200w\" data-pagespeed-lazy-src=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2022\/03\/ccc2a872.png?width=1200\" alt=\"A cyber crime lab filled with computers\" width=\"1920\" height=\"1080\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"type:primaryImage imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/hacker-working-on-computer-cyber-crime-709785886\">Rawpixel.com\/Shutterstock.com<\/a><\/span><\/figcaption><\/figure>\n<p>Right now, more than ever, you need to secure all your online accounts. It\u2019s long past time to embrace two-factor authentication, stop reusing passwords, and make your online presence hacker-resistant. Because sooner or later, the brewing cyberwar will come for you.<\/p>\n<p>While it\u2019s true that hacking and compromising personal accounts have been a scourage of the internet for years, if not decades, what we\u2019re starting to see dwarfs the threats we\u2019ve lived through so far. Putting politics aside, the ongoing events in Russia and Ukraine sparked the catalyst for a mass cyber attack. And the response from other countries will likely only exacerbate that fact.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Companies_Already_Seeing_Mass_Hacks\"><\/span><a rel=\"nofollow noopener\" target=\"_blank\" name=\"autotoc_anchor_0\">Companies Already Seeing Mass Hacks<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-106615\" data-pagespeed-lazy-src=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2021\/12\/9eb60bc8-1.png\" alt=\"A laptop with the word &quot;Ransomware&quot; in big scary letters.\" width=\"1920\" height=\"1080\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/male-hacker-hand-on-laptop-computer-1141202159\">Zephyr_P\/Shutterstock<\/a><\/span><\/figcaption><\/figure>\n<p>In the past year, companies have already felt the brunt of the brewing cyberwar. And don\u2019t think that won\u2019t affect you personally. The FBI says that ransomware hit <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-ransomware-hit-649-critical-infrastructure-orgs-in-2021\/\">649 critical infrastructure organizations<\/a> in 2021 alone. That list includes energy companies, transportation companies, and banks. The place you store your money may not be immune to a virus that can encrypt all the information about your finances.<\/p>\n<p>2022 isn\u2019t off to a better start either. In the past few weeks, major companies like <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/techcrunch.com\/2022\/03\/23\/microsoft-lapsus-hack-source-code\/\">Microsoft<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.pcmag.com\/news\/nvidia-hackers-shift-to-leaking-samsung-data\">Samsung<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.pcworld.com\/article\/625175\/nvidias-hackers-say-theyve-stolen-37gb-of-microsoft-code.html\">Nvidia<\/a>, and <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.theverge.com\/2022\/3\/22\/22990637\/okta-breach-single-sign-on-lapsus-hacker-group\">Okta<\/a> have fallen victim to intrusions. While that last company may not be a household name, that doesn\u2019t mean it isn\u2019t important. Thousands of businesses rely on Okta to verify user access to internal systems. Think of it as a doorman for essential employees trying to access company assets. And suddenly, hackers had access to potentially everything the \u201cdoorman\u201d did.<\/p>\n<p>While Okta says only a few hundred companies may have been caught up in the hack, it\u2019s not naming names. FedEx, T-Mobile, Peloton, Cloudflare, and more depend on Okta to help secure systems. And while Microsoft quickly disclosed when it was breached, Okta was much slower to acknowledge that anything happened at all, let alone the details behind the hack. Sadly, this isn\u2019t the first and probably won\u2019t be the last time a company slowly releases information about a breach that could directly affect you.<\/p>\n<p>While there isn\u2019t much you can do to prevent a company from getting hacked, those breaches can affect you, and your actions can mitigate the consequences. And you can learn from how companies fall pretty to hackers. In the case of Microsoft, Samsung, Nvidia, and Okta, the same set of hackers went after the companies and used similar methods each time. Methods that will work just as well on individual accounts. And yes, your personal accounts are at risk.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Retaliation_Hacks_are_a_Forgone_Conclusion\"><\/span><a rel=\"nofollow noopener\" target=\"_blank\" name=\"autotoc_anchor_1\">Retaliation Hacks are a Forgone Conclusion<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Current world events will only make the problem worse. In response to Russia\u2019s actions in Ukraine, several countries (including the U.S.) imposed sanctions. Corporations like Netflix, Pizza Hut, Apple, IKEA, Master Card, Xbox Live, Spotify, and more, have <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.nytimes.com\/2022\/03\/24\/business\/companies-products-russia.html\">suspended service in Russia<\/a>. Some of those suspensions prevent product sales, while others discontinue services that may have already been paid for in advance (like a year of Netflix).<\/p>\n<p>Already, the White House is warning companies to expect retaliatory hacking and <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.whitehouse.gov\/briefing-room\/statements-releases\/2022\/03\/21\/fact-sheet-act-now-to-protect-against-potential-cyberattacks\/\">issued a checklist<\/a> to shore up defenses. But it isn\u2019t just state-sponsored groups we have to worry about, nor are the only targets likely to be corporations. Individuals turn to hacking as a form of activism (hacktivism) with greater frequency every day. Angry individuals caught up in the crossfire and deprived of paid services like Xbox Live, or Netflix may decide to lash out in anger.<\/p>\n<p>And even when emotions aren\u2019t running high, individuals turn to hacktivism to \u201cright wrongs\u201d or make a profit. Several teenagers were <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/redirect.viglink.com\/?key=204a528a336ede4177fff0d84a044482&amp;u=https%3A%2F%2Fwww.bbc.com%2Fnews%2Ftechnology-60864283\">recently arrested<\/a> and accused of being the group behind the breaches at Microsoft, Samsung, and Okta. The charges insinuate some of the accused made millions of dollars through previous attacks against corporations. The Anonymous group claims to hack individuals, groups, and companies to \u201cright wrongs\u201d and \u201cfight injustice\u201d (not to mention entertainment). After years of dormancy, the decentralized group has returned with a focus on events in Russia and Ukraine.<\/p>\n<p>Ransomware is already a huge problem and often infects individuals as it does corporations, hospitals, and police departments. Generally speaking, ransomware has been a \u201cdrive-by\u201d attack, hitting whatever and whoever it can at random. It\u2019s not unlikely to see more targeted attacks in the future to cause damage. This isn\u2019t even a matter of if, so much as when.<\/p>\n<p>And virus and ransomware creators aren\u2019t limited to any particular country. The teenagers accused of masterminding the Microsoft and Okta attack reside in Great Britain. Regardless of where the creators live, everyone from every country can be a victim thanks to the internet.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Protect_Yourself_Now_Before_Its_Too_Late\"><\/span><a rel=\"nofollow noopener\" target=\"_blank\" name=\"autotoc_anchor_2\">Protect Yourself Now, Before It\u2019s Too Late<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-37139\" data-pagespeed-lazy-src=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2020\/03\/d80a5551.png\" alt=\"a post it note with the words &quot;My password is 12345&quot;\" width=\"1920\" height=\"1080\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/easy-password-concept-my-123456-written-414545476\">Vitalii Vodolazskyi\/Shutterstock.com<\/a><\/span><\/figcaption><\/figure>\n<p>We can learn many lessons from what companies like Microsoft and Okta are dealing with right now. For one, it\u2019s a lot harder to recover from ransomware or hack than it is to prevent one. The last thing you want is to find all your files stolen or encrypted or to find out your reused password let someone charge your bank to buy stuff on Amazon or steal your funds. Prevention is a worthwhile effort every time.<\/p>\n<p>So don\u2019t wait; you should give every account you have a unique complex password, preferably with a password manager. Follow that with enabling two-factor authentication (2FA) wherever you can. Consider a hardware key as part of that two-factor system. Limit what information you provide to online services so it can\u2019t be stolen. And view every link and email with skepticism.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Start_Using_a_Password_Manager_Now\"><\/span>Start Using a Password Manager Now<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>At <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.reviewgeek.com\/t\/password-manager\/\">Review Geek\u00a0and our sister site <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.howtogeek.com\/search\/?q=password+manager\">How-To Geek<\/a>, we have long advocated using Password Managers. Far too many people still use the same password for every online account that calls for one. Worse yet, those passwords continue to be terrible and predictable. In 2021 the most common passwords were:<\/p>\n<ol>\n<li>123456<\/li>\n<li>123456789<\/li>\n<li>12345<\/li>\n<li>qwerty<\/li>\n<li>password<\/li>\n<li>12345678<\/li>\n<li>111111<\/li>\n<li>123123<\/li>\n<li>1234567890<\/li>\n<li>1234567<\/li>\n<\/ol>\n<p>And when people aren\u2019t using those obvious passwords, they often rely on \u201ckeyboard walking\u201d techniques that aren\u2019t complex at all. Such passwords are standard affair in cracking efforts and usually lead to compromised accounts in short order. Using easy-to-crack passwords for all your accounts makes it incredibly easy to break into all your records.<\/p>\n<p>In many cases, hackers don\u2019t even have to put any effort into breaking your password. They already have your email address and password combo, thanks to a breach at one of many companies. If you think that doesn\u2019t apply to you, just put your email address into the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/haveibeenpwned.com\/\">HaveIBeenPwned<\/a> site, and you\u2019ll probably find out you\u2019re wrong.<\/p>\n<p>Hackers use that reuse to their advantage in an attack called credential stuffing. They take your stolen credentials from Facebook and try them at Spotify, Amazon, etc. If they get lucky, they can make purchases or change login details to take over your account. Credential stuffing likely led to the breaches at Microsoft and NVIDIA, and it can happen to you.<\/p>\n<p>Instead, you need to give every account a unique complex password. And while that would be hard to remember, a Password Manager will do that work for you. You only need to remember one master password that unlocks the manager, and then it will fill in the details for you when you visit a site. That makes it MORE convenient than trying to memorize or notate it somewhere the type it in yourself.<\/p>\n<p>You can choose from plenty of Password Managers, and some offer free tiers, though we think paying for a Password Manager can be worth it. Just remember, setting a Password Manager does little go if you don\u2019t change all your previous reused passwords and use the manager to generate unique complex passwords going forward.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Enable_Two-Factor_Authentication_Everywhere_Possible\"><\/span><a rel=\"nofollow noopener\" target=\"_blank\" name=\"autotoc_anchor_4\">Enable Two-Factor Authentication Everywhere Possible<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-93913\" data-pagespeed-lazy-src=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2021\/08\/586e508f.png\" alt=\"An illustration of someone using their phone for 2FA.\" width=\"1920\" height=\"1080\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.google.com\/landing\/2step\/#tab=why-you-need-it\">Google<\/a><\/span><\/figcaption><\/figure>\n<p>If step one to securing your accounts is to give all of them unique complex passwords, step two is turning <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.howtogeek.com\/117047\/htg-explains-what-is-two-factor-authentication-and-should-i-be-using-it\/\">two-factor authentication<\/a> (sometimes referred to as two-step authentication or multi-factor authentication) wherever possible.<\/p>\n<p>Typically when you want to access an online service like your bank or Spotify, you provide a username (often in the form of your email) and a password. If you happen to have both, you get access. If a hacker happens to have both, they get in, thanks to credential stuffing or social engineering.<\/p>\n<p>Two-factor authentication seeks to stop the latter case by asking you to provide a second proof of identity. That proof will come through a device you own and keep on your person, like your phone. After you input your password, the service will prompt you for a single-use generated code. You can have the code emailed to you, sent through an SMS (text message), or generated in an app. Of the three, the first two are \u201cbetter than nothing\u201d but not secure.<\/p>\n<p>Hackers can break into your email to swipe the code, for instance. Or they can convince your phone company to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.howtogeek.com\/668922\/how-to-protect-yourself-from-sim-swapping-attacks\/\">swap your SIM number<\/a> for one they control, effectively intercepting your text messages. If you use an app, such as <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/click.linksynergy.com\/deeplink?id=2QzUaswX1as&amp;mid=24542&amp;u1=rg\/113090&amp;murl=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fmobile-authenticator-app\">Microsoft Authenticator<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/support.google.com\/accounts\/answer\/1066447?hl=en&amp;co=GENIE.Platform%3DAndroid\">Google Authenticator<\/a>, or <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/authy.com\/\">Authy<\/a>\u00a0to provide your code, physically having your phone becomes a barrier to hacking. In theory, it\u2019d take both stealing your password and your phone (and any password for it) to break into your account.<\/p>\n<p>Unfortunately, the choice may not be yours. Some services don\u2019t support two-factor authentication data all, while others will only allow email or SMS options and don\u2019t support app authenticators. But wherever you can, you turn on two-factor authentication and, if possible, pair it with an app. And in some cases, you may even consider using a hardware security key.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Hardware_Security_Keys_Are_an_Option_To_Consider\"><\/span><a rel=\"nofollow noopener\" target=\"_blank\" name=\"autotoc_anchor_5\">Hardware Security Keys Are an Option To Consider<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-63449 size-full\" data-pagespeed-lazy-src=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2020\/12\/1ae8aad4.png\" alt=\"YubiKey security key on a white and gold antique painted and carved textured background\" width=\"1920\" height=\"1080\" data-crediturl=\"https:\/\/www.shutterstock.com\/image-photo\/white-gold-antique-rustic-acrylic-colors-752554219\" data-credittext=\"Suzanne Humphries, symona\/Shutterstock.com\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/white-gold-antique-rustic-acrylic-colors-752554219\">Suzanne Humphries, symona\/Shutterstock.com<\/a><\/span><\/figcaption><\/figure>\n<p>If you like the idea of two-factor authentication with a hardware component but don\u2019t want to use your phone as the hardware, you could consider a security key. With a security key, you still get the two-factor authentication benefits of needing both a password and to provide proof of identity, but you don\u2019t have to worry about inputting a generated code.<\/p>\n<p>Instead, you\u2019ll insert the key, and it will handle all of the rest. When that works, it\u2019s often more seamless and can be more convenient than single-use codes. But you may find fewer services that support hardware keys, and getting them to work with your phone or tablet requires spending more on an NFC, Bluetooth, or USB-C version.<\/p>\n<p>Some Operating Systems, like Windows, will even let you unlock your device with a key. And if set up correctly, you could even bypass proving a password at all. As soon as you remove the key and lock the device, it becomes harder to break into the machine.<\/p>\n<p>Hardware security keys can be an excellent option for securing your accounts, but given that more services support code-based two-factor authentication, that may be the better, more convenient way to go. Security is always a balance of weighting protection and convenience. The more you lock down an account, the less convenient it is to use. The more convenient you make it to access an account, the less secure it is.<\/p>\n<div style=\"box-shadow: 0 0 4px 1px rgba(0,0,0,.2); padding: 1em; padding-bottom: 0; margin-bottom: 20px;\">\n<h4 style=\"margin: 0;\"><span class=\"ez-toc-section\" id=\"What_is_a_USB_Security_Key_and_Should_You_Use_One\"><\/span>What is a USB Security Key, and Should You Use One? <img decoding=\"async\" width=\"16px\" height=\"16px\" src=\"data:image\/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIj8+PHN2ZyB2ZXJzaW9uPSIxLjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4Ig0Kd2lkdGg9IjUxMS42MjZweCIgaGVpZ2h0PSI1MTEuNjI3cHgiIHZpZXdCb3g9IjAgMCA1MTEuNjI2IDUxMS42MjciPg0KPGc+DQo8Zz4NCjxwYXRoIGQ9Ik0zOTIuODU3LDI5Mi4zNTRoLTE4LjI3NGMtMi42NjksMC00Ljg1OSwwLjg1NS02LjU2MywyLjU3M2MtMS43MTgsMS43MDgtMi41NzMsMy44OTctMi41NzMsNi41NjN2OTEuMzYxDQpjMCwxMi41NjMtNC40NywyMy4zMTUtMTMuNDE1LDMyLjI2MmMtOC45NDUsOC45NDUtMTkuNzAxLDEzLjQxNC0zMi4yNjQsMTMuNDE0SDgyLjIyNGMtMTIuNTYyLDAtMjMuMzE3LTQuNDY5LTMyLjI2NC0xMy40MTQNCmMtOC45NDUtOC45NDYtMTMuNDE3LTE5LjY5OC0xMy40MTctMzIuMjYyVjE1NS4zMWMwLTEyLjU2Miw0LjQ3MS0yMy4zMTMsMTMuNDE3LTMyLjI1OWM4Ljk0Ny04Ljk0NywxOS43MDItMTMuNDE4LDMyLjI2NC0xMy40MTgNCmgyMDAuOTk0YzIuNjY5LDAsNC44NTktMC44NTksNi41Ny0yLjU3YzEuNzExLTEuNzEzLDIuNTY2LTMuOSwyLjU2Ni02LjU2N1Y4Mi4yMjFjMC0yLjY2Mi0wLjg1NS00Ljg1My0yLjU2Ni02LjU2Mw0KYy0xLjcxMS0xLjcxMy0zLjkwMS0yLjU2OC02LjU3LTIuNTY4SDgyLjIyNGMtMjIuNjQ4LDAtNDIuMDE2LDguMDQyLTU4LjEwMiwyNC4xMjVDOC4wNDIsMTEzLjI5NywwLDEzMi42NjUsMCwxNTUuMzEzdjIzNy41NDINCmMwLDIyLjY0Nyw4LjA0Miw0Mi4wMTgsMjQuMTIzLDU4LjA5NWMxNi4wODYsMTYuMDg0LDM1LjQ1NCwyNC4xMyw1OC4xMDIsMjQuMTNoMjM3LjU0M2MyMi42NDcsMCw0Mi4wMTctOC4wNDYsNTguMTAxLTI0LjEzDQpjMTYuMDg1LTE2LjA3NywyNC4xMjctMzUuNDQ3LDI0LjEyNy01OC4wOTV2LTkxLjM1OGMwLTIuNjY5LTAuODU2LTQuODU5LTIuNTc0LTYuNTcNCkMzOTcuNzA5LDI5My4yMDksMzk1LjUxOSwyOTIuMzU0LDM5Mi44NTcsMjkyLjM1NHoiLz4NCjxwYXRoIGQ9Ik01MDYuMTk5LDQxLjk3MWMtMy42MTctMy42MTctNy45MDUtNS40MjQtMTIuODUtNS40MjRIMzQ3LjE3MWMtNC45NDgsMC05LjIzMywxLjgwNy0xMi44NDcsNS40MjQNCmMtMy42MTcsMy42MTUtNS40MjgsNy44OTgtNS40MjgsMTIuODQ3czEuODExLDkuMjMzLDUuNDI4LDEyLjg1bDUwLjI0Nyw1MC4yNDhMMTk4LjQyNCwzMDQuMDY3DQpjLTEuOTA2LDEuOTAzLTIuODU2LDQuMDkzLTIuODU2LDYuNTYzYzAsMi40NzksMC45NTMsNC42NjgsMi44NTYsNi41NzFsMzIuNTQ4LDMyLjU0NGMxLjkwMywxLjkwMyw0LjA5MywyLjg1Miw2LjU2NywyLjg1Mg0KczQuNjY1LTAuOTQ4LDYuNTY3LTIuODUybDE4Ni4xNDgtMTg2LjE0OGw1MC4yNTEsNTAuMjQ4YzMuNjE0LDMuNjE3LDcuODk4LDUuNDI2LDEyLjg0Nyw1LjQyNnM5LjIzMy0xLjgwOSwxMi44NTEtNS40MjYNCmMzLjYxNy0zLjYxNiw1LjQyNC03Ljg5OCw1LjQyNC0xMi44NDdWNTQuODE4QzUxMS42MjYsNDkuODY2LDUwOS44MTMsNDUuNTg2LDUwNi4xOTksNDEuOTcxeiIvPg0KPC9nPjwvZz48L3N2Zz4NCg==\" alt=\"\" role=\"presentation\"\/><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<div class=\"moka-buying-guides-product-wrap\">\n<div>\n<small style=\"color: #555;\"\/><br \/>\n<span style=\"display: block; margin-bottom: 0em;\"\/><br \/>\n<a rel=\"nofollow noopener\" target=\"_blank\" data-widgetsource=\"buyingguide\" title=\"Yubico - YubiKey 5 NFC - Two Factor Authentication USB and NFC Security Key, Fits USB-A Ports and Works with Supported NFC Mobile Devices - Protect Your Online Accounts with More Than a Password\" href=\"https:\/\/www.amazon.com\/dp\/B07HBD71HL?tag=reviewgeek-20\"><\/p>\n<div class=\"height160 flex-vcenter\">\n<img decoding=\"async\" height=\"160px\" data-pagespeed-lazy-src=\"https:\/\/m.media-amazon.com\/images\/I\/41R6WmPaVDL._SL160_.jpg\" alt=\"\" role=\"presentation\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/>\n<\/div>\n<p><\/a><\/p>\n<div>Best Overall Security Key<\/p>\n<\/div>\n<h5 style=\"max-height: 24px; margin-top: 10px; margin-bottom: 10px; font-size: 1em; white-space: normal; overflow: hidden; text-overflow: ellipsis; display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical;\"><span class=\"ez-toc-section\" id=\"Yubico_%E2%80%93_YubiKey_5_NFC_%E2%80%93_Two_Factor_Authentication_USB_and_NFC_Security_Key_Fits_USB-A_Ports_and_Works_with_Supported_NFC_Mobile_Devices_%E2%80%93_Protect_Your_Online_Accounts_with_More_Than_a_Password\"><\/span>Yubico &#8211; YubiKey 5 NFC &#8211; Two Factor Authentication USB and NFC Security Key, Fits USB-A Ports and Works with Supported NFC Mobile Devices &#8211; Protect Your Online Accounts with More Than a Password<span class=\"ez-toc-section-end\"><\/span><\/h5>\n<\/div>\n<div>\n<small style=\"color: #555;\"\/><br \/>\n<span style=\"display: block; margin-bottom: 0em;\"\/><br \/>\n<a rel=\"nofollow noopener\" target=\"_blank\" data-widgetsource=\"buyingguide\" title=\"FIDO U2F Security Key, Thetis [Aluminum Folding Design] Universal Two Factor Authentication USB (Type A) for Extra Protection in Windows\/Linux\/Mac OS, Gmail, Facebook, Dropbox, SalesForce, GitHub\" href=\"https:\/\/www.amazon.com\/dp\/B06XHTKFH3?tag=reviewgeek-20\"><\/p>\n<div class=\"height160 flex-vcenter\">\n<img decoding=\"async\" height=\"160px\" data-pagespeed-lazy-src=\"https:\/\/m.media-amazon.com\/images\/I\/414cv-4SxrL._SL160_.jpg\" alt=\"\" role=\"presentation\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/>\n<\/div>\n<p><\/a><\/p>\n<h5 style=\"max-height: 24px; margin-top: 10px; margin-bottom: 10px; font-size: 1em; white-space: normal; overflow: hidden; text-overflow: ellipsis; display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical;\"><span class=\"ez-toc-section\" id=\"FIDO_U2F_Security_Key_Thetis_Aluminum_Folding_Design_Universal_Two_Factor_Authentication_USB_Type_A_for_Extra_Protection_in_WindowsLinuxMac_OS_Gmail_Facebook_Dropbox_SalesForce_GitHub\"><\/span>FIDO U2F Security Key, Thetis [Aluminum Folding Design] Universal Two Factor Authentication USB (Type A) for Extra Protection in Windows\/Linux\/Mac OS, Gmail, Facebook, Dropbox, SalesForce, GitHub<span class=\"ez-toc-section-end\"><\/span><\/h5>\n<\/div>\n<\/div>\n<\/div>\n<h3><span class=\"ez-toc-section\" id=\"Limit_Your_Information_Whenever_Possible\"><\/span><a rel=\"nofollow noopener\" target=\"_blank\" name=\"autotoc_anchor_6\">Limit Your Information Whenever Possible<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-113355\" data-pagespeed-lazy-src=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2022\/03\/237f5de4.png\" alt=\"a pile of credit cards\" width=\"1920\" height=\"1080\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/credit-card-visa-master-617054912\">Theethawat Bootmata\/Shutterstock.com<\/a><\/span><\/figcaption><\/figure>\n<p>Every time you sign up for an account online, it asks for a ton of personal data. You might get asked for a real name, address, social security number, email, mother\u2019s maiden name, credit card number, or blood type (that last one is a joke, but just barely).<\/p>\n<p>Sometimes that data is necessary. For instance, Amazon can\u2019t ship you the latest widget you ordered without an address. But does the weather service that frustratingly required an account to see granular data really need a social security number? Absolutely not, and if the request is entirely unreasonable and unavoidable, you should go somewhere else.<\/p>\n<p>Because the more data a company has about you, the more hackers will gain when they inevitably breach its servers. They\u2019ll get names, email addresses, passwords, and more. And your only hope is that the company did a good job segregating the critical stuff and properly encrypting it. But all too often, companies have admitted to storing passwords with bad encryption, or worse, in plain text. Don\u2019t trust companies to do the right thing.<\/p>\n<p>And just because you need to provide data for a one-time use doesn\u2019t mean you have to agree to save it in the company\u2019s servers. When it\u2019s time to pay for something at Amazon, Best Buy, or the local pizza joint, the company will likely offer to store your credit card number for future purchases.<\/p>\n<p>But think about the risk: you save yourself a small amount of hassle and time by avoiding digging out your card and punching your numbers. However, the next time that service gets hacked, the data dump may include your (hopefully encrypted) credit card number. Instead, if you choose not to save your card number to the site, it won\u2019t be in the data trove, and you\u2019re better off.<\/p>\n<p>The less of your data you provide, the less that can be stolen. And fewer sites you give your information to, the fewer places it can be stolen from. You may not be able to avoid it altogether, but the more you limit the data you willingly give up, the better off you are in the long run.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"View_Every_Phone_Call_Email_and_Link_With_Skepticism\"><\/span><a rel=\"nofollow noopener\" target=\"_blank\" name=\"autotoc_anchor_7\">View Every Phone Call, Email, and Link With Skepticism<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Sometimes the oldest advice remains the truest. Social engineering continues to be one of the most prolific methods to break into accounts, likely in part because it requires no coding knowledge. If a bad actor can trick you into providing your password, they don\u2019t have to worry about infecting your computer or creating ransomware.<\/p>\n<p>Unfortunately, spam calls are still a problem, even with recent efforts to curtail them. And that includes terrible people pretending to be police, large companies, or even family members to trick you into giving data or spending money. No company will ever call you and ask for a security code or confirmation of a password. Nor will Microsoft or Apple contact you out of the blue to help with your computer. Companies will let you come to them; they won\u2019t contact you. The best option is to assume a scam and hang up.<\/p>\n<p>The same goes for emails and links, even if they seem to come from a friend. One of the first things a hacker will do after compromising an email is to message everyone in the contact list in the hopes of compromising more accounts. If you haven\u2019t heard from a friend through email in forever (or ever!), and the vocabulary and spelling don\u2019t match their typical style, assume it\u2019s a scam. Call them and confirm. Don\u2019t click any links; just trash the email.<\/p>\n<hr\/>\n<p>Unfortunately, you can follow all of this advice and still get caught up with a virus, ransomware, or a hack. There\u2019s only so much you can do, and if a company you trusted fails to secure its servers, you\u2019re out of luck. But the more protected you are, the better. You\u2019ll need to weigh security versus convenience, but at the very least, you should use a password manager and two-factor authentication wherever possible.<\/p>\n<p>Because at this point, it\u2019s not a matter of if someone will try to break into one of your accounts, but when. And locking the doors after the thieves are already inside your home is too late to help.\n<\/p><\/div>\n<p><script>\nsetTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s)}(window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n  fbq('init', '1137093656460433');\n  fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.reviewgeek.com\/113090\/the-great-cyberwar-has-just-begun-you-need-to-protect-yourself\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;You Need to Protect Yourself \u2013 Review Geek&#8221; Rawpixel.com\/Shutterstock.com Right now, more than ever, you need to secure all your online accounts. It\u2019s long past time to embrace two-factor authentication, stop reusing passwords, and make your online presence hacker-resistant. Because sooner or later, the brewing cyberwar will come for you. While it\u2019s true that hacking&#8230;<\/p>\n","protected":false},"author":1,"featured_media":421900,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.reviewgeek.com\/p\/uploads\/2022\/03\/ccc2a872.png","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-421899","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/421899","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=421899"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/421899\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/421900"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=421899"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=421899"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=421899"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}