We often put a lot of effort into protecting our homes and businesses with specially-designed security systems. But with so much of our lives online in the 21st century, it’s difficult to understate the importance of cybersecurity. If you haven’t given it much thought, you may well be thinking, “Well, I don’t have anything to hide”. But the reality is actually very different.
With just a few snippets of information, such as your address, date of birth, and name, someone with the right knowledge, tools, and connections could steal your identity, apply for credit in your name, and leave you with a big mess to clean up.
Alternatively, someone with a little bit of knowledge could lock your computer and demand you pay them a large sum of money to be able to use it again.
To help protect yourself, here are some of the simple steps we can take to improve our online security.
Follow Good Password Practice
With accounts for just about everything these days, it can be difficult to remember all of our passwords. For some people, the solution to this is to use the same password for everything; after all, that means we only have to remember one.
The problem with this is that that also means that a hacker only needs one password to have access to all of your accounts. And since you likely use the same email address and username for everything else too, it won’t be difficult to gain access to everything from your email account to your online banking.
Instead, you should use a unique password for everything. And if you can’t remember them all, use a secure password manager like LastPass. These handy tools can also help generate secure passwords for each site and alert you to any duplicates.
These secure passwords should not be dictionary words, even if you add the number one at the end. Even relatively underpowered computers could crack a password like donkey1 in a matter of seconds.
Instead, your password should be a mix of random letters, numbers and symbols like sGoB2Qv$j^&2.
Enable Two-Factor Security
Even when following all of the recommendations for password security, hackers can still find ways to compromise your account. One of the most effective ways to get around this is to enable something called two-factor security.
This works, in addition to your username and password, by requiring you to enter a one-time password each time you log in. Since this number changes each time you log in, a hacker that was reading your keyboard strokes wouldn’t be able to log in with the information they’d captured.
There are a few different systems available for this. For example, PokerStars uses an RSA Security Token while CloudFlare customers can use the Google Authenticator app or a physical SSO key.
You’ll find that your bank probably has its own proprietary system, while some companies may send you a code via SMS instead.
Whatever system is in use, your account is infinitely more secure with two-factor security switched on. Just follow the same best-practice techniques as you do with your password: don’t lose a physical key and don’t tell anyone a one-time password. Not even the police or a representative of the company that the account is with.
Don’t Trust People You Don’t Know
Every day, call centres filled with people are calling up millions of people around the world, claiming to be from their internet provider, phone company, Microsoft, the police, and other authoritative organisations.
They tell the people that answer the phone that there’s a problem with their computer and they need to fix it, before asking them to install special software that lets them remotely log in and take control of their machine.
They will then attempt to do one (or more) of several things, including asking you to sign in to your bank account so that they can record your username and password as you type them. They may even ask you to pay a lot of money for security software to solve a problem that doesn’t exist.
There are no technical solutions required to protect yourself from these. All you have to do is not trust strangers that call you out of the blue, never let someone connect to your computer, and just hang up the phone. Just remember, neither Microsoft, your bank, nor the police will ever call you up and ask to take control of your laptop or ask you to move money to a different bank account.
All of these steps are quick and easy to implement but can make a huge difference in keeping you, your computer, your identity, and your money safe.