West Michigan's Morning News
Managing Online Accounts
I'm Victoria Cash, and I want to invite you to a place called Lucky Land. Where you can play over a hundred social casino-style games for free for your chance to redeem some serious prizes. So what are you waiting for? The best way to discover your luck is to spin. So go to luckylandslots.com, that's luckylandslots.com, and get lucky today! At Lucky Land! No purchase necessary, VGW Group. Boyd, we're prohibited by law. 18+ terms and conditions apply. So how to find and manage all online accounts linked to your email. This is Wes Michigan's morning news. Steve Kelly and Brett Bikini Schmidi back with us soon, a host of the professional CISO podcast, cyber security expert, David Malekode on the live line with us again. David, thanks for doing this today. Thanks for having me. So let's start with why. Why is it important to do this? Yeah, and I think it has to do a lot to do with the idea that they could be out there and they could be kind of abandoned, right? And so you just kind of have these things sitting out there that are a part of your identity and they they represent you. And they now, if you don't know about them or you're not tending to them, you may have that issue where they get attacked and you may never even know it. And so you could be compromised and not know it at all. Here's something else weird that happened to me once had to reset an account. And the account was linked to a email address, like so many things are, I didn't use the email address. I wouldn't even share the email address. Right. Oh boy, that took about a month to resolve. So you got to kind of know what everything is linked to for resetting things to, right? Absolutely. Yeah, you have the issue where they kind of tame together almost, right? So typically the identity is rooted in some sort of email or something like that. So the challenge is if it's something you did, I don't know, five, 10 years ago, I know I have my memories. Not that great. I may, I may struggle to know what the email address is associated with which account. Yeah. And I always have something clever that I'll never forget. And I'm not that clever. And I always forget. So how do I find which is linked to which? So I think right now, one is I would suggest an inventory, right? And so just try to think about all those things that you have. See if you can write them down. Another good place is quite honestly, everyone at this point has probably been involved in some sort of hack, right? So typically from those, you get that free credit monitoring. And part of that free credit monitoring is a dark web scan for your identity. A lot of times those type of things will surface these things to the top that you may forget about. I just can honestly say I had one the other day that came up some sort of alert on the dark web. And here it was. It was an old email address that I had used in like a decade. So I think it's the ability to go back and look into those things. And then try to start doing a little bit better moving forward, right? So maybe you use a password manager that will keep track of all these things for you. You have a central repository that you've been able to put these things in. Can you delete old emails and old accounts? I mean, how do you go about that process? Like you said, and Steve and I have been in this situation, if you've got something you're not even really using anymore, just to get it off there. Yeah. And I would say that it's probably difficult. Typically those free services they tend to have it to where it's one of the hardest things that you would ever have to do. I would say if you do find one, the suggestion would be is put a nice strong password on it, put it in your password manager or write it down somewhere and note that's very, very secure. And just make sure that you check it from time to time to make sure that it's not compromised. In the end, you can delete them. But again, it's very, they make it very difficult because they don't want you to leave. Obviously, they make it very sticky. Go back to the importance of resetting your password. How often do you tell clients to do it? So there's a couple of different schools have fought on this. One of the government entities that guides a lot of cybersecurity is called NIST, the National Institutes of Science and Technology. And they put out guidance on this. And their guidance is if you use a sufficiently long password, you really, you should never redo it. 16 characters is the least anything under that. You'll want to reset them probably about once every 90 days. I'm not saying it's great. That's why they went to this. That's why they went to this if you set your password of 16 characters or greater. Then at that point, you really, they don't recommend you change it all because it is so difficult. Most time people write them down, most of the time they go and put them in a place they get compromised. They found that the likelihood of people writing on a sticky note is much higher if they're much shorter than that. So 16 characters are greater. Really wouldn't have to worry about changing them. You'll get great advice on the professional CISO podcast, cybersecurity expert, David Malekot. Thanks for your time today. Thanks for the time. Appreciate it.