Proactive and reactive online security

We have a lot of valuable information about ourselves stored online and it helps to take steps to ensure we’re staying safe. There are two categories of steps we can take – ideally with an annual reminder to check in on them:

(1) Reactive: Set up a security / breach monitoring services – services like SpyCloud, CreditKarma, Lastpass offer this for free – notify us if our credentials were found in a breach or on the dark web. Signing up for 2 or 3 of these (or similar) services will help ensure our reactive game is strong.

(2) Proactive:

(a) Password managers help us get ahead of problems by helping us generate strong passwords/set better passwords and notifying us when our passwords need to be updated*. In the grand scheme of things, it doesn’t matter if you use LastPass or 1Password or some other manager. All of these will work better that saving these passwords on a napkin or on Passwords.txt as these apps also ensure these passwords are easily accessible on our phone.

(b) Set up 2 factor authentication as often as possible – for every service that matters at any rate.

(c) Finally, avoid clicking on random links that ask you to input your password/credentials and be suspicious of any inbound phone call asking for such information. And, needless to say, avoid responding to emails from Nigerian princes who promise to wire you a million dollars.

These steps are similar to setting up an alarm system and keeping our doors and windows locked when we leave our home. The most determined/sophisticated burglar will still find their way in. But, it will deter or prevent everyone else.

*Typically a premium feature. I use a premium Lastpass account for this ($36/year) and am a fan.