Here is some information that will help you when creating accounts either for work or personal. (this information comes from various sources including the FBI)
Make sure you are using a strong password. These should be at least 12 characters long, contain random characters (upper, lower, numbers and symbols) and be unique for each site. Most hackers if they compromise an account, will turn around and try to sign into other accounts with the same credentials because they know people will reuse the same password. You can utilize Okta to save these random passwords for you. For more information, please see the following short YouTube video.
If the account supports multi-factor authentication or two-factor authentication (mfa or 2fa), enable it. This can help if your password for the account is compromised because another piece of information will be needed for authentication. This is talked about as something you know, something you have, or something you are. Here is a quick article.
Something you know - this is your password.
Something you have - this is say your phone. You can get a text message, enter in a code from an application, etc. This piece of information is dependent on a physical/virtual object.
Something you are - this is biometrics. Your fingerprint, your retinal scan or your voice. This piece of information is personal to you and hopefully only you.
Here are the steps on how to enable MFA for Gmail. Most popular sites should support some form of MFA.
You have probably had to provide answers to some standard security questions when you have setup an account, one being "What is your mother's maiden name?" You do not have to answer these questions with the "truth". What that means is while you need to provide answers to these questions, do not answer them with information that an attacker could obtain off of social media. Say you are a member of your elementary school's Facebook page and you used "what is the name of your elementary school" as an account question, that answer may not be that hard to figure out. Instead, you could use information from your favorite movie, book, video game, etc. Information that only you would know. For date of birth, you could use November 5, 1955, the day time travel was invented or for your dream job, you could answer Safety Technician at Springfield Nuclear.
- Do not give your account information to anyone.
- Do not share your account credentials with anyone.
- Think about adopting a password change schedule.
- Enable MFA or 2FA on the accounts that support it.
- If you have really old accounts that you do not use, see about closing them or at least change their passwords.
- If you receive an odd request from an friend, employer, or a family member, pause and think about what they are asking you to do.
- Check to see what the email address the message is coming from. It may show a person's name that you know, but that can be faked. Look at the actual email address. The web version should show the address.
- I know everyone is busy and you want to respond as quickly as possible but stop and think about it for a minute. Email was never meant to be an instant communication.
- If you are signing into any of your account(s) from a public computer, make sure you log out of the account(s) and then quit whichever browser you were using. If you have time, open the browser back up and confirm you are signed out.
- You can check to see if any of your accounts were part of a data breach at have i been pwned
- None one at either Enthuse or Inspira Marketing will ask you to purchase any type of gift card via email or text. Please report these messages to support and ignore them.