Tech Tips: Cyber Basics

When reading about Cyber Security Tips & Tricks, often one finds the essentials: Setting up two-factor authentication (2FA), using a Password Manager to simplify using different complex passwords for each login, and ensuring devices are running the latest software patches keeping holes from leaking in the boat. From my experience, these Cyber Security essentials build a solid foundation when combined with Cyber Basics that aren’t taught in the local computer class. I’ll break down some recent personal experience that highlight this hidden digital divide:

As we use Microsoft 365 at work, I went to sign in to my Outlook email and found that I forgot my password. For the past month, Windows remembered my login and I didn’t need the password to log in to email.

Perhaps many of you have run into this situation, needing to reset your password that one day you didn’t have that extra coffee. I checked that I was signing in to the correct address www.outlook.com and wasn’t being tricked with a fake website. Then after clicking through to reset my password, I was prompted with a few steps. One being to pick my alternate email to receive a code. The email was partially visible and after a click, sure enough, Microsoft 365 sent me a verification code. I popped into the Microsoft password reset screen. Next, as this was a business account, I also needed to use one more additional option to verify me. I had set up an Authenticator app, I also used the authenticator code to verify and set a new password.

Until recently I have taken this process for granted as it seemed straightforward. It wasn’t clear to me that the public is constantly catching up with the finer details of apps, smartphones, and the latest operating systems. Each person with varying degrees of usage, feature and setting experience, and solo learning, contributes to this hidden digital divide.

Over the past months, I had interactions with users of varying ages, those who grew up with smartphones in their adult life, middle aged users, and seniors and elders in our communities. They reached out for help as they couldn’t get into their online accounts – both e-mail and in one case Windows computer. At first glance the team and I thought a simple password reset would be in order. Hoping for the same approach that I used personally when my password needed a reset.

These users had their password saved into their computer so that when they went to use their computer, they didn’t have any problem accessing their account. In fact, they might have even had the password saved on their smartphone and be able to use their smart phone to access their e-mail and whatnot. However, as they didn’t know the password they couldn’t sign back in on the other device and when we went to reset the password we found that not all users had an alternate e-mail address, or alternate phone number that was working.

Here’s a few things that we ran into: 1) a user had a backup phone number that was a landline and would not accept the verification text messages. 2) the e-mail account that was listed as the alternate e-mail was one that no longer worked and that was deleted by the email service provider – it hasn’t hadn’t been used in a long time.

Let’s look at #1, in the past we could text to landline with the phone line company where we could pick text on the password reset and the text would come in and be transcribed to audio and played over the telephone when you answered. Then what we found is the telephone providers have retired this technology so that there is no more text to landline. To add fuel to flame in this situation, even Microsoft is not allowing you to use the call my phone number feature for personal accounts anymore.

As you may know, when subscribing to a free service from Microsoft or Google, the trade off is that there is no Technical Support. One can’t just pick up the phone and call a human for help. And if someone is calling you from Microsoft or Google or some other provider there’s a high chance that it is a scam and that they’re trying to trick you. Microsoft and Google just don’t pay anyone to watch the issues in personal accounts because it’s free they will never contact you by phone to try and reset your account or warn you of a breach if it’s your personal account. I recommend reaching out to your local computer store for support.

Let’s look at #2 Microsoft and Google and others have been working hard to clear up old accounts that haven’t been used in a long time. These could even be accounts held by seniors and elders in the community that maybe they only signed into once every year or two but are somehow connected with some important things like a smartphone that has a lifetime of digital memories. There are even times where that friend or nephew or even that computer guy one used to work with may have set up a temporary account on a system such as Hotmail, Outlook, Yahoo, or Google just to get the device working.

These are accounts that likely where never used and when it comes down to someone who needs to reset their password, having a unknown alternate email or phone number leads to a world of trouble. Even recently we’re running into more frequent times where people have old e-mail addresses with Internet providers that have either sold or closed. As such those old e-mail accounts no longer work as alternate verification methods to access your account.

Windows 11 requires a Microsoft account to even log in to Windows. We experienced a case where someone lost access to the computer and couldn’t sign in just for the reasons listed above. All the data on the computer needed to be erased to install Windows again. It’s a sad day when someone’s photo’s, videos, paperwork, and more are lost due to the hidden digital divide. Dare we blame the users? I for one think the technology is changing so fast that it is best to take pause and support each other catching up.

Reference these Cybers Basics:

  1. Write down the password in a safe place, until learning how to use a Password Manager
  2. Ensure online accounts have an alternate email (that is accessible)
  3. Ensure online accounts have a working backup cell phone number
  4. Remember that Microsoft, Google, Facebook and more won’t call you – if someone says they are, it is a scam – even if it seems truthful
  5. Only paid services have real tech support
  6. Reach out to your local Computer store and meet in person if unsure
  7. Trust the Yellow Pages vs Google/Bing search for tech support – Scammers frequently list on Google

The moral of the story is let’s take a moment to look at the Cyber Basics. Please talk to friends and loved ones to ensure that they have the passwords written down for their accounts, at least until well versed in using a password manager. Take a moment to look at social media and personal email accounts: Microsoft, Google, Apple, Facebook, etc. to make sure that the recovery alternate email and cell phone numbers are correct. To ensure they aren’t set to use accounts or phone numbers long gone.

Taking just a few moments with loved ones and friends, perhaps, will prevent a world of hurt or loss of a lifetime of digital memories.