Technology allows people to have multiple online accounts, including email, social media, online cloud storage, and corporate accounts for work/professional services. Remembering all the associated passwords can be difficult, and behavioural pattern research indicates that users are still using the same password or slightly different iterations of the same password.
Valkyrie are keen advocates of password managers and multi-factor authentication (MFA). No procedure or system is entirely secure; however, these measures lower your risk of a security breach. MFA are numeric or alphanumeric codes sent to your device to ensure you are the one logging in. These codes are often called ‘verification codes’ or ‘one-time passcodes’ (OTP). Despite the name, these codes are the same; they serve a purpose and are an additional security layer to your online accounts.
With MFA, you need to ensure that this additional step is well protected, too, whether that’s making sure your registered mobile number is always up to date or you’re the only one with access to your mobile phone. SMS-based verification codes aren’t perfect or as effective as an authenticator app.
Valkyrie believes it’s still good practice to tidy up after yourself and ensure that any codes you receive are wiped once utilised. If your handset runs Android, you can get passcodes automatically deleted from your phone if you use Google Messages to manage your text messages. Inside the app, tap on your Google account profile picture (top right), then choose Messages settings. Tap on Message organisation and then enable auto-delete OTPs after 24 hrs. There is also a feature which will be released in iOS 17; this is yet to be officially released, likely mid-Sept 23.
Automatically deleting passcodes can undoubtedly help. But there are other precautions you can take to make sure the risk of your accounts getting exposed is as small as possible. The key is always to keep your screen locked down; the harder it is for someone else to get on your phone, the harder it is for them to access your passcodes. Another tip would be to place a privacy screen on your device to deter prying eyes. If you receive an unrequested verification code, someone is likely trying to sign in to your account. This means your username/password could be compromised. If this occurs, log into your account and change your password immediately.
For security advice on how to keep your data safe, please get in touch with us at Valkyrie.