The dark web sounds scary, and all the anti-virus, malware, and endpoint monitoring companies do their very best to scare you into thinking that it is where your data and identity go to die. It's a place where all types of illegal information is shared and traded. It is not a place you want to go.
But the truth of the matter is that everyone's data is on the dark web in some form or another. It could be as simple as old user names and passwords, to maybe things a little more concerning. There have been data breaches at companies going on for decades, and there are ones that have happened that no one knows about yet. There's probably a breach happening right now that won't be publicized for a few years, if at all. It's the actual reality of the internet.
The important thing to know is that you are not powerless to protect yourself. Truth be told you have all the power, and that's a good thing. But digital security is not automatic. You cannot download an app or apply to a service and expect everything to be okay. It won't. You must take control. It takes effort and diligence, but it's not too difficult either. Here are the basics that you can do right now to protect yourself:
Take Control of Your Passwords: The only passwords that you need to know by heart are your Mac computer password and your unlock code for your iPhone. If you use a third-party password manager, you will need to know that, but that's it. If you can remember your other passwords, then they are just too easy. You must use a different password at every website. That unique password should be complex and difficult to guess. Apple has the new Passwords app that makes creating, managing, and even sharing passwords easier than ever. There are also third-party password managers out there, but if you still use a spreadsheet or a notebook, it is all still the same process.
Turn On Multi-Factor Authentication: This is where you get a text or an email when you log into an account. You want to turn this on at every website or service that you use if it is offered.
Set Up Alerts: Most online accounts allows you to set up alerts. These could be if someone tries to log into your account, purchase something, or whatever else.
Set Up Recovery Information: Make sure that you add a recovery email or phone number to your accounts in the event that your primary email or phone number gets compromised. It will allow you to reset your password and get access to your online accounts a lot quicker and easier.
But what about Passkeys? Passkeys are the new kid on the block and promise to be more secure than the old systems of authentication. But passwords still linger in the background, even with passkeys enabled, meaning password management AND the management of the passkey come into play. There is a mix of good and bad that we will have to cover in a future article. Bottom line is that they don't absolve anyone from the best practices mentioned above. | 
