In 2012 there was more than 1 data breach per day and of these 365 plus breaches about 80% managed to get some sort of data. This is a pretty scary number when you think about it, but it actually pales by comparison to the number of personal accounts that are compromised due to poor security, weak passwords, and malware designed to steal passwords. So what do you do to help prevent this? A simple answer is to just not have any online accounts so there is no chance of getting your account compromised. However, we know that this is not really a viable solution so it is fortunate that many companies are finally turning to two-step authentication to help mitigate this type of attack.
As more and more user accounts are hacked, we still hear about systems that still allow for simple password hints, security questions, and even worse will not allow for complex passwords. We know of at least three banks that will not allow special characters in their passwords and limit them to 14 character maximums. This lack of foresight on the part of the people that are supposed to be protecting our data is shocking to say the least. Even with easy access to items like TFA (Two-Factor Authentication) we still hear about security breaches and account hacks on a daily basis. So what do you do if an online service does not provide any two-factor authentication? Most would say you are out of luck, but there is something that might help keep things a little more safe than just the stock password that you are required to drop into your accounts. This is the Yubikey which provides something like a secure token that you can add to your online accounts to put in a little more protection.
Google would like you to use two-factor authentication for their Gmail service to help prevent unauthorized access. Using this extra layer of security can protect you and your data, which makes it sound like a good idea. The advice comes after the recent publication of Mat Honan’s tragic and life changing, account hack thee have been many changes to the way that the companies involved do business. While we sympathize with Mat completely we are actually kind of glad that it was someone of note that had this happen. If this had been a regular consumer it is unlikely that Google, Apple, or Amazon would have done anything to fix these issues. In fact most of the issues that allowed this hack to happen have been in place for a very long time.