Never repeat passwords, two-factor verication, biometrics… these are just some of the measures that experts recommend to keep our info safe from hackers.
Your account may have been affected by a security issue is the message that popped on the screens of millions of Yahoo! users when they recently logged on to their email accounts. The message also included a text explaineing that the info had been stolen back in 2014.
The U.S. gian admitted that hackers stole data on 500 million users in 2014, including telephone numbers, passwords and birth dates. According to Yahoo! no banking data had been stolen.
Unfortunately, according to protection expert Iñaki Pariente de la Prada, there is nothing that Spanish users could do in a case such as this. "You use their services and trust that they put all security measures in place to prevent something like that from taking place. They steal the data from the company that is supposed to safeguard them, and all you can do is accept it, there is nothing you can do", says the partner in Dayntic Legal, a consulting firm.
Josep Albors, head of the ESET Spain laboratory and expert in data protection, says that "you have to generate passwords that are easy to remember, but hard to guess. A long sentence may be just as hard to steal as a 10-character alphanumerical code".
"A long sentence may be just as hard to steal as a 10-character alphanumerical code"
Our experts have given us a series of tips to secure your data in as far as possible:
1. Never repeat passwords and rely on password managers
Both experts agree on this point. Using the same password for personal and professional email accounts is one of the biggest no-nos. In fact, the same password should never, ever, be used on different sites, because as soon as a hacker gets a hold of it, it can be used to access bank accounts or any site with sensitive information.
2. Cover your webcam
Cover your computer’s camera. It is free. A simple piece of paper can save you from a delicate situation. Unsecured webcams can be hacked easily, allowing cyberpeepers to eavesdrop on private conversation or take pictures. Hackers can record footage of the victim unnoticedly and post them online.
3. Choose a service provider that applies EU laws
For Pariente de la Prada this is point is essential. Starting on May 2018, even if a service provider is incorporated in the U.S., it will be required to abide by the much stricter EU data protection laws when processing the data of its EU users.
“Today there is nothing a Spanish Yahoo! user can do, but from 2018, if the same thing were to happen, users would be entitled to file a complaint with the Spanish Data Protection Agency, who would have to consider imposing a sanction on the company if it found it breached any security standards.”
In the case of Yahoo!, he adds ”the data theft does not necessarily entail that they did anything wrong. Maybe they did all they could, and the attack simply couldn’t be prevented. But someone would need to look into that.” As De la Prada stresses, the regulatory change is going to guarantee many more rights for EU users vs. the U.S. giants.
4. Double verification
For Albors, it is essential to add the two-factor authentication option. When you access your accounts from other devices, if this option is activated, you receive an SMS with a code on the handset you’re using to access the account. In that case, if your account and password have been hacked, there is nothing they can do because they will be required to enter the code you got delivered to your mobile phone.
Everything seems to indicate that biometrics is on its way to become the prime authentication method for accessing accounts and profiles. In other words, some of our physical traits will be used as passwords However, Albors notes that “we need to be careful” with this system too. “Stealing someone's fingerprints is quite hard, but once it is done, it is something that you will never be able to change,” he concludes.