A password is supposed to keep your private information and social media accounts safe. But if you’ve spent any time on the Internet in the last several years, you likely know friends and family members whose accounts have been hacked. Perhaps yours has, too. And that’s why you should consider a password authenticator.
Since 2017, 555 million passwords have been stolen, according to one report. Company data breaches were responsible for a large chunk of those stolen passwords (81 percent), followed closely by hacking incidents triggered by stolen or reused password information (80 percent). However, 17 percent of passwords were stolen when a bad actor guessed them.
The statistics sound scary, especially when you consider your banking information and digital medical records are often stored online on a service such as Defender by WayWiser.
Gone are the days when passwords are enough. Password authenticators can help keep your information safe, and there are plenty to choose from. Here’s what to know and how to figure out if you need one and which one to select.
What’s a Password Authenticator?
A password authenticator is the second step in a two-step process to log you into a website or app. Also known as two-factor authentication (2FA), it requires you—or a bad actor—to enter a code or approve a login from another app or device after entering your password. This extra step can feel inconvenient, but it helps keep your information safe and alerts you to any suspicious login attempts. It can also help reduce the need to remember 100 different passwords.
How Does a Password Authenticator Work?
Often, people will opt for a text or email-based two-factor authenticator system. Generally, it’ll send you a code, usually six digits, after you enter your password. As helpful as those once were, hackers have evolved.
Many savvy hackers have convinced cell phone companies to send them a SIM card for your number. They can then attempt to log into your account. When it fails, they can select “reset the password,” have a code sent to their phone, and change your password before you even get an email informing you of suspicious activity on your account. It can be increasingly hard to get back into social media accounts after that.
The modern-day, more effective password authenticators are app-based. When you try to log into an account on your computer, you’ll be prompted to open an app. From there, you’ll see a code to use for logging in. Alternatively, you may be able to simply tap “approve” from the interface. Then—and only then—will you be able to access your account.
We’re comfortable with text messages now, given their decades-long presence in many of our lives. Another app may seem like overkill, but, quite frankly, it’s easier than attempting to get your hacked Instagram account back.
In the meantime, the hacker may begin to send phishing attempts to your friends and family, which can range from annoying and embarrassing to reputation-harming. Even worse, hacked retail or banking websites can give bad actors access to private financial information and your actual finances. This one extra step empowers you and could thwart them.
Top Password Authenticators
Several password protectors exist. Google and Microsoft are engrained in our culture and recognizable names, making them popular choices. Okta is popular for businesses, and notable password managers like LastPass and Sophos also have two-factor authenticators. Authy is another great option that provides two-factor authenticators for companies and individuals.
When looking, be sure you’re selecting the right type for you. For example, Google works with multiple platforms, while Microsoft is only for Microsoft-based accounts. If you use a Microsoft authenticator, you’ll probably need another one to protect your social media and banking login information. Be sure to select a plan for individuals instead of businesses — it’s likely cheaper.
Should I Get a Password Authenticator?
If you’re old-fashioned and have absolutely nothing online behind a password, you don’t need one of these barriers. But, in all likelihood, that is not the case, given today’s tech-first culture. Therefore, yes, it’s a good idea for you to use a password authenticator.
It provides an added layer of protection to prevent a hacker from getting into your accounts and stealing personal information. It also helps you avoid back luck if your password is swiped through a company breach or a guess from a bad actor. The hacker will need to take another step to get into your account after entering your password, which can thwart their bad faith attempt.
Password authenticators aren’t the only layer of protection to implement, though. Other ways to keep your information safe include not clicking on a link from someone you don’t know and using strong, unique passwords for each account. Avoid obvious choices like pet names and important dates (and any variation of “password” like the not-so-clever p@ssword1). Never share your password information with anyone, and know that governing bodies like the IRS will never ask for it.
Minimize the amount of private information you share online, like your full birthday and address. They’re often answers to password-protecting questions that a hacker could use to log into your account. If you notice suspicious activity on your account, change your password.
We have a number of articles right here on Word to the Wise that discuss the multitude of scams across the internet right now. You can skim through and here and stay ahead of the bad guys.