There are lots of things that need to be done to ensure the security of a system or network. Sometimes this process can be long, tedious, and confusing to set up for yourself. Oftentimes you will need a professional to handle things for you.
Here we will provide 3 easy to use tools that you can use right now to improve the security of your system. They will help increase your awareness of cybersecurity and will also be fun to set up.
Canary Tokens are things that can inform you if your system has been broken into. Think of them like tripwires; if a hacker gets into your infrastructure and steps on a tripwire, you’ll be notified that your system, or part of your system, has been breached. Canary Tokens can vary from being an email address, to a document, or even a server.
Once these tokens are installed on your system, you let them sit there and don’t engage in any interaction with them. They act like a honeypot, in the sense that only an attacker will engage with it, and once it detects that it has been opened or messed with, it will send you an email or text to warn you
They are easy to set up, simply visit the website https://canarytokens.org/generate. From there, select the type of token you want to use. I would recommend a simple word document to start out. Then put in your email, and write a message to yourself for when that document is opened. After that, simply download the document. Now you have the document in your downloads folder and can move it to wherever you’d like, waiting for an attacker. As soon as that document is opened, you will get alerted.
“Have I Been Hacked?” Email Checker
As we mentioned in a previous article, hackers can obtain your email and password through various methods, most prominently phishing. https://devsafehouse.medium.com/top-3-cyber-threats-that-small-businesses-face-c602813d1839.
However, even if you are cautious and keep your email and password to yourself, you are still subject to password leaks. Services that you might have subscribed to on the internet will have your passwords, and if they are hacked, your passwords will be leaked.
There are many websites to check if one of your emails have been leaked, and this is how they know. When an internet service that you use online gets hacked, the hackers will post your login credentials online to try and sell it to the biggest buyer. The email checker website will see this and inform you that your email has been compromised. It is crucial to ensure your accounts security as hackers can use it to see your credit card info, medical documents, or even steal your identity.
The email checker that I recommend would be https://haveibeenpwned.com/. All you have to do is enter your email address to see if it has been a part of any data breaches. Then, the website will tell you if your account has been ‘pwned’ or compromised, and which data breaches it was exposed in.
Nonetheless, it is a good idea to change your passwords every once in a while for increased security.
Two-factor authentication has proven to be very effective in securing your accounts. It is basically a tool that requires a user to login with two passwords instead of one, where the second password can be in the form of a button on your phone, a 6-digit code, or a phone call.
I would recommend using the 6-digit code, and use one that changes every several seconds. This would be the most intuitive, easy, and secure method to use. You can set it up here at https://guide.duo.com/enrollment. Just follow the steps and in the end you will be logging in with a password typed into your computer, followed by a push or a passcode sent to your phone.
Safehouse is working on smart honeypots to further ensure the security of your system. Check out more at https://safehouse.dev.