In 2021, it was no surprise to see continued password-related breaches. Shifting workplace dynamics, security staff shortages, cryptocurrency and its interlink with ransomware all fueled more malicious activity.
With online safety however, users have the tools at hand to combat online threats. The big lift lies in helping people become aware of all they can do in 2022.
Of course, folks like John Opdenakker, self-described “infosec blogger and tweeter with traces of bad humor, sarcasm or irony,” nails one of the most important predictions for next year.
In all seriousness, the time for consumers and businesses to focus on security is now. Here are a few predictions to help folks know where to pay attention.
Far beyond computers and smartphones, every device from TVs to cars is inundated with a slew of applications. Each of those applications requires keeping track of login information which can be tricky for people to remember on their own. We’re likely to interact with more devices and more applications over time, so now is the chance to take control of your online identities.
Getting connected to a new phone, new computer, new browser, or other device is easier with the help of a password manager.
Look for a password manager that is available across platforms and stores unlimited passwords across unlimited devices.
Across consumers and businesses, web services continue to push adoption of two-factor authentication, also frequently known as multi-factor authentication, two-step login, or two-step verification.
A recent reminder from CISA (Cybersecurity and Infrastructure Security Agency) advises to:
Implement multi-factor authentication for remote access and administrative accounts.
In October, Google reiterated its commitment to two-step verification) to hundreds of millions of users.
By the end of 2021, we plan to auto-enroll an additional 150 million Google users in 2SV and require 2 million YouTube creators to turn it on.
While many websites offer two-factor authentication via SMS message or email, it is far safer to use an Authenticator App such as Authy, Google Authenticator or many others.
Be sure that for each website where you turn on two-factor authentication, you retain your recovery codes in case you lose your authentication key.
If you use an Authenticator App, be sure to back up your account and your authenticator keys in the event you lose access to one of your devices. This will help you avoid being inadvertently locked out of accounts.
Many password managers have built-in authentication and can help you manage two-factor authentication for many websites, including the ability to share those login sequences with others, if desired.
The last two years showcased many facets of business resilience, driven in a large part by our ability to function in a remote or hybrid world. Of course, doing so required a new set of tools such as video conferencing, business messaging, and online document collaboration.
By default, distributed teams means more sharing online, and too frequently people share sensitive information without taking the right precautions.
Train everyone in the importance of strong unique passwords. CISA suggests: mandate strong passwords and ensure they are not reused across multiple accounts.
When sharing secure information, use an end-to-end encrypted solution such as a password manager.
To share information directly with anyone, consider using an online, end-to-end encrypted product like Bitwarden Send which stores information safely with automatic deletion after a period of time.
Unfortunately in 2022, breaches will continue, in part because malicious actors know that people tend to reuse passwords, or choose passwords that are simple and easy to crack. For example, if one service is breached, and you have used the same credentials on other services, your likelihood of a hack becomes high. While you cannot necessarily do anything to strengthen the security of the services you use, you absolutely can do something about the credentials used for each of them.
Use unique passwords across every website or service you use and store them in a password manager.
If one site gets breached, immediately change the password on that site and rest assured that other unique passwords for other services you use remain unaffected.
For advanced users, create unique email aliases for different services to further protect yourself.
With crypto options ranging from currencies to NFTs users must take significantly more care with their credentials as they represent digital assets that store significant amounts of monetary value.
While some services will offer account recovery, others rely on users to maintain not just usernames and passwords, but also seed phrases and recovery codes. In some cases, a user who loses their seed phrase or recovery code may be permanently locked out of their account and lose the ability to access digital assets.
Use a password manager to help you keep track of usernames, passwords, seed phrases, and recovery codes.
Even if you use a hardware wallet or other device, you can keep critical info for that device safely within your password manager.
If your assets become significant in value, set up Emergency Access for your Vault in the event you can no longer access it, allowing a significant other or loved one to take over your accounts.
With increasingly digital lives and the bad actors unlikely to go away, the power of being safer online lies with you.
If you are not already using a password manager, consider that to be your new year’s resolution. Start with a single password like your favorite streaming service, try using it across devices, try changing the password to something from the password manager random generator.
If you are not using a password manager, now is the chance to get started. As an individual you can store unlimited passwords across unlimited devices forever in the Bitwarden Free Plan, or upgrade to Premium Features for extra capabilities like the Bitwarden Authenticator, Vault Health Reports, and storing file attachments.
For businesses, be sure to put your company in the best position to stay safe. Start a free trial for a Bitwarden Teams or Enterprise plan today.