October is the “Cyber Security Month in Europe,” so Google presents the findings of a study by YouGov in Romania on online security and personal data protection. The YouGov study is a representative one and took place online between September, 2018, on a sample of 1001 adults.
According to the study, more than half of Romanians (53 percent) use the same password for several of their accounts, in some cases for most accounts (25 percent) or even for all (7 percent). A 43 percent say they have different passwords for each online service they use. Most of them choose a combination of numbers and words for passwords (36 percent), and a quarter (26 percent) adds to this mix of password formation and symbols.
In general, Romanians are not too concerned about the risks to online security. More than half of those using online services requiring a password responded that they are not worried (44 percent not very, and 11 percent not at all) that any of their online services accounts could be attacked. On the other side are 41 percent of the respondents: 9 percent are very worried and 32 percent are quite concerned.
In terms of 2-step authentication, 62 percent of Romanians say they use this method for at least one of their online services. The reasons why the rest of the people (38 percent) do not use this method are different, based on the fact that they did not think about it (29 percent) or did not hear about it (14 percent) and the lack of need, 19 percent, or trust (17 percent do not think it makes their accounts more secure).
Based on these results, Google offers some tips for better security of online services accounts:
- Secure your passwords
Passwords are the first line of defense against cybercriminals. It is essential to choose strong, different passwords for each of your accounts.
- Use a unique password for each of your important accounts
Choosing the same password for all your online accounts (social networks, stores, online banking, email, etc.) is similar to using the same home, car and office keys – if an offender manages to get one, all the rest are compromised. So do not use the same password for a store that you use for your email box or bank account. Maybe it’s less convenient, but choosing different passwords gives you more protection.
- Manage your multiple passwords
A password manager, like Smart Lock in Google Chrome and Android, helps protect and track all passwords for different online accounts. It is able to even remember the answers to security questions and generate random passwords for you.
Configure your password recovery options and keep them up-to-date
- If you forget your password or you are blocking access to your account, you need to find a way to get back into your account. Many services send you a message to a recovery email address if you need to reset your password, so make sure that that address is up-to-date and that it refers to an account that you can access.
- Sometimes you can also add a phone number to your profile to receive a password reset code through a text message. Adding a mobile number to your account is one of the easiest and most reliable ways to protect your account.
- For example, the online service you have an account with can use your phone number to prevent people trying to access your account unauthorized. It can also send you a verification code so that you can enter your account if you are stuck in your account. Sending a recovery phone number to Google does not mean that you have included in marketing lists or that you will receive more tele-marketing calls.
- Mobile number is a more secure identification method than the recovery email address or a security question because, unlike the other two, your mobile phone is physically in your possession.
- However, if you cannot or do not want to add a phone number to your account, many sites may ask you to choose a question to verify your identity if you forget your password. If the service you are using allows you to create your own question, try to find a question that only you can know the answer about and that relates to something you did not publish or post on social networks.
- Try to find a way to make sure that your answer is unique and that you cannot easily forget it – you can do so by referring to the advice above – so if the answer would have been guessed by someone, the person not knowing how to enter it correctly. It is very important to remember this answer – if you forget it, there is a risk that you can never access your account again.
Authentication in two steps
- Two-step Authentication means that in order to be able to authenticate you to your account, you need to take a second step after entering your username and password. If you enable bifactory authentication, hackers will not be able to access your account solely on the basis of your username and password.
- This second factor (beside the password) can take different forms, depending on the online service. For example, with Google, this step may be a request in the Google application to accept authentication from an authorized device, physical security key, or a code to enter (such as a six-digit code generated by the application Google Authenticator).
- A security key is a physical device that is inserted into the USB port of your computer or connects to your mobile device via Bluetooth or NFC (Near Field Communication).
- Many of your online accounts, including banking or social networks, offer bifactory authentication options. Much of this allows you to use the same security key or the same Google Authenticator as the one you use for your Google Account.
Google at any time supports people in protecting their privacy and online security. And the tools are available to everyone:
My Account: provides access to all data and privacy settings
Privacy Checkup: Helps you check and modify data that Google uses to personalize your online experience
My Activity: Helps you check and delete online activity information associated with your account.