CEO of LegalShield and IDShield, protecting and empowering people through legal plans and privacy management solutions.
At the start of the new year, a time when many of us are thinking about setting resolutions or renewing good intentions, I have been reflecting on the concept of “akrasia.” This is a term that dates back to ancient Greek philosophy and means when we know what we should do, but we do something else instead. In short, akrasia is acting (or not acting) against our better judgment.
Akrasia succinctly explains why so many of us struggle to prioritize our account security and privacy management, even when we know how important it is. You see the headlines about cybercrime and identity theft. You know it’s a bad idea to keep using the same old passwords for all of your accounts. But maybe you figure nothing bad has happened yet, so you can put off dealing with the problem a little while longer.
Take advantage of a new year to take small steps toward fixing common account security problems — and if you’re inspired to keep going, add a few more layers of advanced protection.
Common Account Security Mistakes
You may know enough about security to avoid using “password” as your password, but you could be guilty of making one or more of these other common mistakes:
• Using easily obtainable information for passwords or passcodes
It’s shockingly easy for hackers to find basic personal data about you online, whether through scouring social media accounts or paying for access to identity databases or directories. When creating passwords or passcodes, don’t use your children’s birthdays, your wedding anniversary, your partner’s initials or any other information that is easy to remember but may also be available to criminals.
• Using the same password over and over
The real danger of reusing a password is that you are likely to forget all of the places you have used it. If you duplicate a password on 20 different websites, and the weakest of those sites is hacked, you may not even be alerted to the breach. An account you haven’t used in years could be compromised to harm you.
• Trying to remember all your passwords
If you are recycling passwords or you have to keep a manual list to remember all your passwords, it’s a sign you need a password manager. Complex, unique passwords are difficult to remember by design, and it’s an added security risk if you store that information on a spreadsheet or a sticky note instead of a secure password vault.
Start Here: Three Basic Steps For Better Security
Poor account security makes you vulnerable. If criminals get access to your accounts, they can wreak havoc on your life, emptying and closing bank accounts, opening new credit cards, using your identity to take out loans or make false medical claims. But these outcomes are preventable with just a little effort.
1. Use a password manager.
If you only do one of these actions, make it this one. Start a free basic account with a password manager and use it on your most sensitive accounts. You will only need to create and remember one master password. One strategy I recommend is coming up with a phonetic password that means something to you — a song lyric, a catchphrase, an inside joke — and then making it more complex with numbers or special characters. For example, convert the phrase, “I ate the whole thing” into the more secure password, “I@teDah0leTHang!”
Once you’ve used the free password manager for a month or two, check in and see if it’s meeting your needs. You may find that you want expanded features, and the premium version is worth a few extra dollars a month.
2. Cancel old accounts.
Take a deep breath, grab a cup of tea and make a list of all of the websites where you have usernames and passwords. Start with the sites you frequent, then search your memory for older accounts. Update your passwords for active sites, and add them to your password manager. Try to log into each account you don’t use, resetting the password if necessary, so you can delete it for good. If you find you can’t get into your old Hotmail or Reddit account, reach out to their customer service and ask for instructions on how to shut it down.
3. Check your account settings.
Do a quick audit of the privacy and security settings in your active accounts. Make sure your settings are set to share the least amount of personal information possible.
Keep Going: Advanced Steps For Increased Security
Celebrate and congratulate yourself when you’ve completed the first three steps. And if you’re on a roll, continue on to the next level.
1. Set up two-factor authentication.
Two-factor authentication is becoming increasingly common on websites, and you should use it wherever possible. It adds another layer of protection to ensure only you can access your accounts, even with the correct password. Configure your accounts so you get a code via text message to verify your identity, or use an authenticator app.
2. Use biometrics.
Biometrics technology is still new and not foolproof, but it does improve your overall account security. Activate both facial and fingerprint recognition on devices that offer the option.
3. Add a cybersecurity plan.
Bolstering your account security goes a long way to protect you from criminals online, but it’s worth thinking about what happens if something does go wrong. Research additional cybersecurity safeguards, such as a VPN, malware protection, credit monitoring and identity theft and privacy protection, starting with any services you already subscribe to. What benefits do they offer? Which features would you be willing to pay more for each month? Look for all-in-one plans that are easy to manage and services that have a reputation for great customer service. The tech is important, but so is the humanity; you want to talk to a real person when you have a problem.
Cyberthreats are real and have very real consequences. Make this the year you conquer akrasia and take small but powerful steps to strengthen your account security.