I have a confession to make. I’ll get to it in two seconds. First, a bit of context.
This month, I’m focusing on online security for you and your money. In fact, that’s the topic of my next Women’s Money Group meet-up and live-stream on October 29th.
It’s something I decided to tackle after hearing multiple stories in the news about identity theft, fraud, and victims of cyber attacks. This is an issue that leaves us all vulnerable; except, of course, those who don’t buy anything online. Or respond to Facebook quizzes. Or answer security questions directly.
Right, we’re all at risk unless we take a few simple steps to protect ourselves.
This is where my confession comes in. You’d think that given the nature of my work, I’d be all over online security, right?
I am, sort of. By that I mean that I am now, thanks to my husband, Mark, and his intervention more than a decade ago. Before his intervention, I was blissfully ignorant. And dismissive.
If you’ve read my book, Protect Your Purse, you’ll be familiar with the story I’m about to tell, because I first fessed up publicly there. For the rest of you, here’s the scoop about my introduction to online security.
Mark has worked in the field of I.T. for just shy of a million years (i.e. more than 30 – he started as a teen. No, really.). It’s fair to say that he is obsessed with online security, mostly because he’s seen and read countless examples of nasty attacks. He reads voraciously, which does nothing to ease his sense that scammers lurk in every corner.
For the longest time I thought he was paranoid. “Yes, Mark, of course we should be careful.” “Yes, Mark, passwords are important.” Yes, Mark….
It made him crazy that I was, shall we say, relaxed about the use of strong, unique passwords for all my online accounts. He told me about an online password management tool, LastPass, which generates strong, random passwords for all your accounts, keeps track of them all, and auto-populates log-in fields so you don’t have to remember the endless supply of randomized strings. All you have to do is create a single, strong master password to access the system; then you’re off to the races.
Want to create a random, 20-character password that includes upper case letters, lower case letters, numbers, and symbols? No problem. LastPass generates it in milliseconds with a single click.
This is the bit where you would expect a wise Doris to say, “By God, that’s brilliant! I’m going to sign up right away.” That would have been really smart of me. Instead, I procrastinated. That step never made it to the top of my seemingly more important to-do list. Every time Mark patiently inquired about it, I promised to get right on it. In just a minute. Going to do it right now. Definitely.
Mark figured out that my saying, “I’ll do it later” really meant I was never going to do it. He sat down at my computer, set up LastPass in a matter of minutes, spent another handful of minutes showing me how to use it, then waited patiently for me to admit that it was a) ridiculously easy to set up, and b) something I should have done a long time ago.
That was more than ten years ago. This leopard has changed her spots. In the intervening decade, I have seen enough examples of security breaches to make me super grateful for Mark’s knowledge and his insistence that we take measures to protect ourselves.
I have learned a great deal, thanks to Mark. Now I want to pass that knowledge on to you, too, so that you can beef up your security measures, at no cost, I might add! Even better: I’ve asked Mark to teach this to you. I know enough to sound smart at a party, but if you want depth and detail, Mark’s your guy. He’s the true geek/expert.
If you want to learn the top steps to protect yourself online, grab a spot at October’s Women’s Money Group Meet-up on the 29th. You can join us in person or tune in online for the live-stream of the meeting. Either way, you’ll want to have your computer and smart phone handy as Mark helps you to set up a password manager and another tool that is responsible for stopping the majority of online attacks. He’ll cover it all on the 29th.
Today’s Money Tip has to do with the security of your passwords. Some of you may be thinking that you don’t need a password manager. You’re perfectly good at creating long, complex, seemingly randomized strings of letters, numbers, and characters.
Here’s the thing: If a human being (i.e. you) created the password, then a computer can crack it in no time. It doesn’t matter how clever you think you’re being; it’s a relatively simple job for a computer. Here’s what one tech industry expert had to say:
In addition to the risks created by human memory limitations, there is a major concern about how strong the complex passwords truly are, and how well they stand up to hacking tools. Research shows that the actual security provided by complex passwords is often far less than one would expect based on the password’s theoretical strengths. One major issue with complex passwords was discussed in a paper published last year by a research team from Carnegie Mellon University, which explained that predictable human tendencies often dramatically undermine the strength of complex passwords.
Still not convinced? Here are 13 more reasons why your DIY passwords aren’t secure.
Do yourself a favor and install a free password manager. Tech Radar, a blog that provides tech buying advice, created this list of their top 8 free password manager recommendations. We’ll discuss LastPass at the WMG meeting, however there are several other options on the market.
Pick one, and you’ll be one step closer to protecting your identity and your money online.
If you find yourself procrastinating, just remember my embarrassing story and get to it. If my data had been compromised in any way as a result of my foot-dragging, I would have been really, really, really mad at myself. And, I would never have heard the end of it from my tech department, with good reason.
If you’re thinking that it’s too bad you live in Edmonton/Denver/Halifax/wherever because you’d love to be able to attend the October Women’s Money Group meeting, you’re in luck. We now live-stream the meetings and we provide access to a recording for thirty days afterward.
One woman told me she’s going to be in Turkey the night of the meeting, so she’s excited that recordings are now available. She doesn’t have to miss out on the content! Neither do you.
You don’t need a membership to participate. Details and registration links for the meeting are available here. Grab a spot and I’ll see you on the 29th.
One last thing: Send me an email sharing the ways that you protect yourself online. What measures do you take? Let’s compare notes and share ideas.