5 Steps for User Security from Kevin Mitnick, the World’s Most Wanted Hacker

Written by Mitnick Security | Jun 20, 2017 12:00:00 AM

As one of the world leaders in cyber hacking, Kevin Mitnick has a lot to say about user security.

Today’s digital world is more fraught with cyber threats than ever before. A number of high profile hacks have made their way into the headlines, bringing to light the sheer amount of damage a security breach can cause.

Kevin Mitnick is the world’s most famous hacker. After hacking 40 major corporations because he was looking for a challenge, Mitnick launched a security consultancy firm where he now provides security services to the Fortune 500 and governments all over the world.

This article is going to look at Mitnick’s top five tips for user security.

Use a password manager

Using a password manager to store your passwords is a great idea provided it’s secure enough that it can’t be hacked. Choose something that is a sentence and therefore more complex to guess. A well-known phrase or quote from a book is a good idea. You could even use a line from a song or a quote from an inspirational person.

Use websites that enable two-factor authentication

Two-factor authentication (TFA) is a great way to add an extra layer of security to any sensitive information. Even if your password is breached, TFA is a great way to ensure you’re still protected.

The added bonus of this kind of authentication process means that, although your personal information is safe, identity theft is also harder. The only downside to this type of security is that there can often be delays if a hardware token (such as a card reader or fob) is lost and needs replacing. This is particularly relevant when it comes to online banking.

Don’t use public Wi-Fi

Avoid public Wi-Fi at all costs. If you can, use your phone as a hotspot or even buy your own internet hotspot and enable WPA to ensure your connection remains encrypted. This may not be a suitable solution either and those cases, subscribe to a VPN service instead.

Install the HTTPS extension everywhere

The HTTPS extension will force website visitors to go to a secure website as opposed to an unsecure one and therefore reduce the risk of a security breach. The extension will fix problems that include websites defaulting to the unencrypted version of the website or providing links back to the unencrypted domain by rewriting the requests to HTTPS.

Turn on OTR (Off The Record)

If you use a messaging tool, then you can encrypt your messages by turning on the ‘Off The Record’ function. This means that all information passed between you does not have a digital signature and therefore any sensitive information can be securely transmitted without the concern of breaching any safety regulations.

This very cool overview and other interesting articles can be found at the source.

Source: Insights for Professionals (IFP)