Software and Computer Engineering

Guidelines for Protecting Your Online Identity

In mobile applications and websites you often have to log in to access personalized content and private data. This authentication process consists in proving that “you are yourself” and thus granting you unrestricted access your online identity.

Why you are at risk

Bad actors will attempt to compromise your online identity for profit in various ways: performing fraudulent financial transactions on your behalf, selling your private data, or using your legitimate online profile to boost their engagement numbers on online platforms.

Types of attack profiles

You should consider two kinds of attack profiles: targeted and non-targeted attacks:

Common online identity attacks

Let's learn what some of these attacks look like:

What you should do about it?

1. Password etiquette

2. Device hygiene

3. Phishing attention

4. Multi-factor authentication

Multi-factor through an authenticator app or through SMS defeats most of the attacks mentioned above. The only caveat being you needing to consider how would you recover access to your account in case the additional security factor is lost (e.g. phone broken, lost or stolen).

More Resources