How to Safeguard Online Accounts

Tiffany M. Faust |
Posted on Oct 14, 2018

With so many of our daily activities now taking place online, there has never been a better time to take action and safeguard our online accounts. Unfortunately, many individuals continue to use the same weak password for all of their online accounts, and a vast majority never change their password until they learn their account was hacked. These compromised accounts not only impact the individual account holder; they can be used to conduct scams against family and friends and can spread malware in malicious emails or on social media---enabling the scams to keep spreading to even more victims.


Using a basic user name and password is no longer adequate to protect key accounts like email, social media, and online banking. Thankfully, almost all email, social media, banks, and many other online service providers offer a better way to secure your accounts called two-factor authentication. In recognition of National Cybersecurity Awareness Month, let’s review how two-factor authentication works and benefits account holders.


How does it work?

After entering your basic user name and password, you also enter an additional code delivered as a text message to your cell phone, or via a mobile app, or through a physical device such as a token or key. Some online services can be configured to require this additional code each time you log in, while others will prompt for the code when they detect your user name and password are being used on a different computer or mobile device than normal. Each provider’s method of two-factor authentication varies.


With two-factor authentication, even if cybercriminals steal your password, they cannot access your account unless they are able to receive the additional code. This is the distinct advantage of two-factor authentication over simply using a basic user name and password.


What if it’s not available?   

If two-factor authentication is not available through your provider, consider doing business with another provider. If this is not feasible, take immediate action to establish a strong password that is at least 12 characters long. An easy way to come up with a strong password is to use sentences or passphrases instead of words. Not only are sentences more secure, they are also easier to remember…for example, “I love country music”. In addition to establishing a strong password, set a reminder to change your password periodically, such as quarterly. It is critical never to repeat the same password for all of your online accounts. This way, if one account becomes exposed, they do not all become compromised.


Set Up Two-Factor Authentication.

Visit the tutorials section of for step-by-step instructions on enabling two-factor authentication for popular services such as Amazon, Apple iTunes, Outlook, Google Gmail, Facebook, PayPal and Venmo, to name a few. If you do not see your email, bank or other favorite provider on this site, call the provider or visit their website and ask about securing your online account with two-factor authentication. This extra layer of online security serves to verify your identity and to protect you and others from being potential victims of cybercrime.

Tiffany M. Faust
Vice President/Information Security Officer