Almost every day you are likely to hear some mention of Cyber Crime, whether this is through fraud or websites being compromised. The clear message is that there is now a lot of data that appears to be getting stolen. Some of that data could be extremely sensitive and, even more critically, some of that information could hold usernames/passwords.
With so many sites and services now requiring you to register, the age-old password challenge is becoming more of a problem. I believe this is critical even more so now as more of our lives are becoming digital. Have a think about the following image:
Although this may bring a smile to your face or even make you chuckle, the reality is that this is probably closer to the truth that you may realise. We would clearly have no idea about what they do with our password and the chances are that we are simply looking for the secure padlock in our A software application which presents information and services from the web.... and believe all is good. Sadly, at times, this can be far from the truth.
We can all take some very simple and easy steps to help protect ourselves though;
- Use different passwords for your important accounts and don’t use your email password on your favourite website.
- Be creative with your passwords to make them strong. Pa55word! is actually not that strong. Try three memorable words and add numbers and symbols if required eg 5bluehairycar27!
- Use The use of two different components to verify a user's claimed identity. Also known as multi-factor authentication.... on your email account.
- Don’t use any personal details for your password:
- Current partner’s name
- Child’s name
- Other family members’ name
- Pet’s name
- Place of birth
Strong passwords do not need to be complex. What appears complex to us is not only difficult to remember but can be simple for computers to guess as we tend to use simple substitutions in words e.g. 0 (zero) = o, 5 = s, 3 = e
Where available you should make use of The use of two different components to verify a user's claimed identity. Also known as multi-factor authentication.... or A security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.... (A security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction....) and, in particular, this should be in place with your email account. The use of two different components to verify a user's claimed identity. Also known as multi-factor authentication.... provides an extra layer of security, as it means your account can only be accessed on a device that you have already registered. When you first log-in with a new device you are asked to complete a second step after entering your password.
Office 365 provides MFA as part of the solution and is simple to enable. You can enable a number of options to the second verification step such as a code via SMS, call or use their mobile authentication Short for Application, typically refers to a software program for a smartphone or tablet.....
Enabling Office 365 MFA is as simple as:
- You must be an Office 365 Global Admin to do these steps.
- Go to the Office 365 Admin Centre.
- Go to Users > Active users.
- Chose More > Multifactor Authentication Setup.
- Select the user(s) and choose Enable under quick steps.
After you enable MFA, give the following instructions to your teams to set up their second verification method for Office 365:
Hopefully, this has provided some food for thought. If you need any help with your Office 365 MFA configuration then please get in touch.