How to be Safe Online Using Passwords - With Another Step

The National Cyber Security Alliance is taking the online safety message to a city near you. A national campaign is spreading the word that multifactor authentication is easy to use and available now — often for free.

by / August 16, 2014 0

NCSA Tennessee Audience

Photo Credit: Kristin Judge

With so many online cyberattacks, data breaches and identities being stolen every day, how can we possibly protect ourselves in cyberspace?

Meanwhile, according to a recent article in Forbestoo many people continue to have lame passwords.

So what online tools, tips and resources are available to help? What websites can we trust to provide ongoing messages and solutions that are needed?

Just as important, even if there are potential security solutions to protect our identities, where is this message being offered in clear, easy-to-understand language? Are there any practical, hands-on workshops available?

This blog will cover these topics with some practical examples.

The National Cyber Security Alliance (NCSA) says "Two Steps Ahead: Protect Your Digital Life."

The crowd listened intently as U.S. Rep. Marsha Blackburn (R-Tenn.) spoke on the importance of Internet Safety on August 5, 2014.

U.S. Rep Blackburn and Michael Kaiser

U.S. Congressman Marsha Blackburn and Michael Kaiser from NCSA - Photo Credit: Kristin Judge

The event, held in the Wilma Rudolph Event Center in Clarksville, Tenn., was another stop in a series of roadshows developed by the NCSA to educate consumers and businesses about adding layers of security to their everyday online activities.

Why now? What are the main messages in this national campaign entitled Two Steps Ahead: Protect Your Digital Life?

Michael Kaiser, executive director of National Cyber Security Alliance, outlined this clear message:

"Getting out to the public with information about how to implement better security is critical. The passwords '123456' and 'password' remain the most popular passwords and provide very little protection against the bad guys.

Couple that with the recent news that Russian hackers have stolen hundreds of millions of passwords and credentials and the recent retail data breaches, and it's clear we need to double down our efforts at account security. Using multifactor authentication, available at many of the Internet's most popular websites, is something that users can opt into today to increase their security.”

The NCSA, a nonprofit partnership focused on helping everyone stay safe and secure online, is holding a series of workshop events all across America to highlight this important cybersecurity message. The NCSA works in partnership with other nonprofit groups as well as corporate sponsors such as Google, Microsoft, Facebook, AT&T, Visa, Walmart, Costco, Intel, Symantec, PayPal, Yahoo and others on a wider series of messages under the banner of: STOP. THINK. CONNECT.

Solutions please

While many people understand the password problems all too well, the readily available two-factor authentication method is used far less than you might expect.

What is the solution? The stopthinkconnect.org website offers solutions and answers questions like:

"Email providers and financial services to social networks and blogging platforms are implementing new security features that can help their users add another layer of security to their accounts. These technologies are often referred to as two-step authentication, login approvals, multifactor authentication, etc., because they add a new layer of protection by adding a second element — in addition to a password — to protect your account.

These methods provide an extra layer of security. Most people only have one layer to protect their account. But combining something you know (your password) with something you have (your phone, a token, fob, etc.) makes your account even more secure by requiring the second element to log in. Simply put, two-step authentication makes sure it's really logging in, not just someone who has your password.

What is Two-Factor Authentication?

Why Should I Secure My Account?

How Do I Enable It?"


Wider messages to a wider audience

And Tennessee is just one stop on this important nationwide tour.

A previous event was held in June 2014 in Omaha, Neb. Upcoming events are planned for Hartford, Conn.; Ames, Iowa; and Northfield, Vt. 

And the Two Steps Ahead Campaign is only one of many campaigns currently being run by stopthinkconnect.org.

Coverage of these events has been very positive in the media. For example, this article was written in preparation for the Connecticut workshop planned for this upcoming week. Here’s an excerpt:

"The workshop will feature speakers from a variety of sectors and feature an opening keynote address by Connecticut Senator Richard Blumenthal.

The morning will highlight a hands-on demonstration to show attendees how to step-up their security on sites like Google, Facebook, Microsoft and LinkedIn. The event will conclude with a panel discussion featuring Attorney General George Jepsen, Connecticut Better Business Bureau President/CEO, Paulette Scarpetti, University of Connecticut Professor Dr. John Chandy and William H. Efron, Director Northeast Region Federal Trade Commission.

The government and academic experts’ focus will be on helping businesses and consumers insulate themselves from proliferating and ever-evolving Internet and other digital-based scams."

Wrap-up

One thing I really like about the National Cyber Security Alliance is its easy-to-use online portal covering many Internet safety topics.

Two related lists of blogs, articles and other resources include: stopthinkconnect.org/blogs/ and the www.staysafeonline.org/blog/

If there is an upcoming NCSA summit/workshop near you, I urge you to attend. You can check out the schedule and RSVP for a free space at the events page.

Either way, spread the word.

There are better and more secure ways available for everyone to connect online than using simple passwords.

Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso