Hackers for hire collect bounties to improve cybersecurity
A growing cadre of so-called 'white hat' hackers help stop security breaches before they happen.
In an ideal world, our accounts protect us online. Our usernames and passwords secure private info and lock out hackers and snoops. In practice, most accounts aren’t so safe. Tap or click for 7 security basics you need to stop ignoring in 2020.
Beyond hackers and cybercriminals, our worst enemies are ourselves. You’re probably using a few terrible passwords that you should have banished long ago. Tap or click for a simple way to generate strong passwords without all the hassle.
Now, think back to the last time you signed up for an app or service. Did you click the “sign up with Facebook or Google” option? Sure, that’s a time-saver but there’s a huge downside. Apple says they have secure ways for you to use your Apple ID. More about that later.
The dangers of data sharing
Services such as Airbnb, Spotify and Tinder give the option of logging in with your Facebook or Google credentials. This auto-fills your information, adds your profile picture and sets you up with a single tap.
But logging in via Facebook or email exposes the data contained within your accounts. You already know Facebook’s business model is predicated on selling your data to the highest bidder. Why would that logic suddenly end when it comes to account sharing?
Tap or click to see how Facebook continues to sell your data.
Sure enough, platforms like Facebook provide your profile information and more to the services you sign up for when you choose their login option. For example, Spotify users are served targeted advertisements that relate to browsing and “like” history. It’s all part of the deals these companies made with one another.
Some platforms even include tracking scripts that keep tabs on your activity on the websites you sign in to. Would you feel comfortable with Facebook knowing your dating tastes on Tinder? That’s gonna be a “no” for me.
STAY IN THE KNOW: Get breaking tech news as it happens. Tap or click to sign up for free email alerts from Kim's desk to your inbox.
Is your cybersecurity at risk?
Aside from shady data-sharing practices, signing in with an existing account has security problems of its own. If a hacker somehow gets ahold of your Google account, he or she will then own the keys to the kingdom for all your related accounts.
Your Google account contains so much more than your search history. Want to be shocked? Tap or click to find out everything Google knows about you.
This is doubly dangerous when the platforms you sign in to are small or insufficiently protected against hackers. A small e-commerce platform that lets you log in with Google can get hit with a cyberattack, exposing your much more secure Google account to the highest bidders on the Dark Web.
What are the right options for safe sign ins?
There isn’t any one right way to sign up for a service, but what you can do is create stronger accounts that will stand up against hackers and protect your privacy. By creating a new account without any private information in it, you can start on a new service as a clean slate of data that can’t be bought or easily sold.
That means taking steps such as creating a separate email address that will handle all or some of your service accounts. This email profile shouldn’t include too much personal information. Use your initial instead of your last name, and don’t include your street address in your profile.
Your account should also be protected with as strong of a password as possible. Tap or click here to learn how to make stronger passwords for all your accounts.
GO OFF THE GRID: There’s more about you on the web than you probably realize. Tap or click for 7 ways to delete yourself from the internet.
But which email service is best for secure accounts? Gmail is actually perfectly safe and secure — provided you don’t “log in with Google” when prompted. Your email address should be just that: an email address. It should be used only as a username to sign in with.
Of course, if you want to avoid Google when creating a secure account, there are several excellent options that will give you more anonymity. Tap or click to see our favorite Gmail alternatives.
How do I keep my new accounts safe?
Once you’ve set up secure accounts, you’ll want to take the next step to keep them safe from hackers. As we’ve discussed, passwords are quickly becoming obsolete, and even the most complicated password (though necessary) can be cracked by a determined enough hacker.
That’s where two-factor authentication comes in. Setting this up will add an additional layer of security to your account by requiring you to use your phone to verify your identity. Since a hacker won’t have access to your phone, the feature adds a major obstacle toward those hoping to compromise your account.
Every email service will have different methods to set up 2FA, but since Gmail is the most commonly used, we’ll show you how to turn it on there.
To begin, Google has a specific page here where you can activate two-factor authentication. Open the link, sign in with your new Gmail account and tap Get Started. You might be asked to sign in again after this step. Add your country from the drop-down menu and enter your phone number in the field that appears.
From here, you’ll be able to choose whether you want a verification text message or phone call. Tap Next, and you’ll have your authentication sent to your phone. Enter the code you receive and tap Next. Once Google has verified your code, tap Turn On to enable the service on your account.
2FA is useful because it effectively makes all of your logins far more secure than they’d be without it. It’s useful to set up with every service and platform that gives you the option.
Accounts like Facebook, which contain personal information, or your Dropbox containing important files would be well served by adding 2FA. And of course, set it up for bank accounts and any financial services too. Tap or click here to learn how to set up 2FA for even more websites.
What about ‘Sign in with Apple?’ The company claims it’s much more secure. Is it really?
Apple made headlines when it announced a new service for its users called “Sign in with Apple.” Much like signing in with a Facebook or Google account, Sign in with Apple uses your Apple ID in place of a login for various platforms and services.
Sign in with Apple features end-to-end encryption to protect your logins and doesn’t associate your account with any logins you set up. Instead, it uses one-time keys generated when you sign in to a website.
Plus, it’s based on biometric data via FaceID or Touch ID, so hackers may have a hard time getting in without your face or finger.
This is smart for several reasons — most notably the fact that even if a hacker somehow cracked your login, they wouldn’t learn anything about you. Sign in with Apple even creates alternate email addresses for the services you sign up for, so you don’t have to worry about hiding your email either.
This service effectively makes Apple a middleman between you and the service you sign up for. The only parties exchanging information are you and Apple. Whether that’s something you’re comfortable with is a personal decision.
How can I set up Sign in with Apple?
To get started, make sure you’re signed in with your Apple ID on your device. Sign in with Apple only works on Apple branded devices like iPhone and Mac. You’ll also need to be updated to iOS 13, iPadOS or MacOS Catalina.
- Tap the Sign in with Apple button on the participating app or website.
- If the app or site has not requested any information to set up your account, check that your Apple ID is correct and go to Step 4.
- If you’re asked to provide your name and email address, Sign in with Apple automatically fills in the information from your Apple ID. You can edit your name if you like and choose Share My Email or Hide My Email.
- Tap Continue and confirm with a quick Face ID, Touch ID or device passcode to sign in. If you don’t have Face ID, Touch ID or a passcode set up, enter your Apple ID password.
For more detailed step-by-step instructions, tap or click here to visit Apple’s support website.
BONUS TIP FOR EXTRA KNOW-HOW: Stream everything you want without breaking the bank
Are you a cord-cutter who relies on streaming services? Perhaps you’re a cord-never (those who have never signed up for cable) who utilizes apps like Roku, Apple+ or Pluto TV for watching television. Maybe you prefer a combo of cable and streaming services.
Streaming subscribers will total almost 68 million in the U.S. by 2024. So, regardless of the route you take with your television content, chances are you or someone you know subscribes to at least one streaming service.
What makes streaming so appealing? Content, convenience and cost. One trick will join all three and take your viewing experience to a whole new level.
Tap or click to save money and get all the content you want.
What digital lifestyle questions do you have? Call Kim’s national radio show and tap or click here to find it on your local radio station. You can listen to or watch the Kim Komando Show on your phone, tablet, television or computer. Or tap or click here for Kim’s free podcasts.
Copyright 2020, WestStar Multimedia Entertainment. All rights reserved.
Learn about all the latest technology on The Kim Komando Show, the nation's largest weekend radio talk show. Kim takes calls and dispenses advice on today's digital lifestyle, from smartphones and tablets to online privacy and data hacks. For her daily tips, free newsletters and more, visit her website at Komando.com.
Get a daily look at what’s developing in science and technology throughout the world.