08-10-12 | Blog Post
Two, 2-minute security improvements to secure your account
My inbox receives between 100 and 200 work emails daily – so far, as of writing this at 4:11pm, I’m up to 155. I won’t share my personal email stats – it usually creates panic attacks for my auto-tagging, auto-sorting colleagues who make an empty inbox a daily goal (haven’t they ever heard of search?! LOL).
Given the daily deluge, the juxtaposition between these two emails that both came in at 2:04pm this afternoon struck that cynically ironic chord that kicks in around mid-afternoon:
Subject #1: CNN – Hack raises concern about cloud storage
Subject #2: Data Breaches May Be on the Decline – Health IT Weekly Digest – August 8, 2012
The first told the particularly insidious goal of scaring the bejeebers out of what can happen if someone manages to get that first login credential and proceeds to annihilate all related, links accounts and precious cloud storage (pics, emails, tweets … you get it).
Now, while I sincerely hope that the second email ends up being the true predictor of improved online security, I think the ever-increasing security entry points that mobile phones present to secure information (your files, payment info, medical info, family info), will make data breaches ongoing fodder for the headlines.
In the interest of not wanting to be a statistic, I set aside the procrastination for about five minutes .. just long enough to make an easy, but significant change to my personal email account – in this case, Gmail. I change my work login with incredible regularity, because otherwise I’ll be automatically locked out. But, having no such regulation applied to my personal account, it lapses into the complacent continuity of login credentials. Resemble that? Here are two very quick ways to significantly improve the security of your login credentials.
Google will ask you to confirm your phone number, and text or call you with a short code. Use this code to confirm your two-factor login settings.
You have the option of remembering your personal or work computer so you won’t have to use your mobile phone every time you login to your day-to-day machines. But if you login from a different computer, or someone else tries to, it will require a passcode from your phone. If an impersonator does not have your phone, they will be out of luck!
Note that I have had one instance in the last few months where my phone was not available to me, and it was a few hours of not being able to access my work domain. For your personal Gmail account, you have the option to prepare 10 backup passcodes in the event that you and your phone become separated.
Have your Gmail account connected to your phone or other accounts? Then you will need to step through the additional process of setting up unique, one-time passcodes for those accounts. Again, it took about a minute.
That’s it. You’ve just saved yourself from the fate of poor Mat Honan, the Wired technology journalist who suffered dire consequences from having his account compromised.
Now take the next step toward security and set up two-factor for your accounts!
Interested in reading more about security? Read our PCI Compliant Data Centers white paper.