Keeping your online accounts safe is important, no matter who you are. Criminals don’t care if you’re famous, or how much money you have in the bank.
“These are all crimes of opportunity, and the way that they work is that target as many people as possible, to try to get some pay out from somebody. That might be a big payout from one person, it might be lots of little ones from lots of other people,” says Max Eddy, Sr. Security Analyst at PCMag.com
And, it's not always about cash. Your social media accounts represent you as a person and having someone take over your identity stinks.
But, now you can make it harder for hackers, with two factor authentication or 2FA.
“The normal login procedure of enter your user name, password, press enter and you're in, has an extra step added to it,” explains Eddy.
“Let's say I'm attacked. They get my username, they get my password, that's really, really bad, but if I have 2FA turned on, they can't get past that second thing, they can't get passed the key because only I have the key,” he says.
And in this case, Eddy is referring to a literal key.
“When you are prompted to plug in your key, and then usually physically interact with your key somehow, like tap it to confirm you are a live human that's using it, it's not some kind of electronic replay attack," he explains.
Physical security keys are small, they can plug into a USB port, or your phone, and cost anywhere between $25 and $100 bucks depending on what you want it to do, but they are not your only option.
“If you get Google Authenticator, or a similar code generator, that's just as good as a physical key. There's services like Twilio Authy and Duo that will put a little notification on your phone to tap onto your phone that you actually want to log in," says Eddy.
“It is weird, and maybe a little disconcerting, to have a machine memorize your password and replay it for you, but it’s absolutely going to a better job than you, every single time, and it’s going to make your life much more safe and secure,” he says.