October is National Cyber Security Awareness Month. While we should be vigilant about online security all year round, this campaign is a good reminder to revisit best practices. Because, as Ice Cube once said, “you better check yo self before you wreck yo self.”
There is an entire month dedicated to cyber security awareness for good reason. With potential vulnerabilities affecting the Wi-Fi we use, the websites we visit, the emails we open and the devices that help us do everything, it’s easy to feel helpless against cyber criminals.
But, in this blog we are going to focus on some basic steps to help protect your passwords and privacy.
The Password Should Never Be “Password”
It’s temping to create a simple password so you won’t forget it. So many people feel that way, that the most popular password for the last three years has been “123456,” followed by “password” in second. And you’re not going to fool cyber criminals by taking those numbers all the way up to 9, or changing that letter “o” in password to a zero. I really expected more from you.
Cyber criminals are on to password laziness, and they will attempt to hack accounts the easy way, using the most common passwords on the interwebz. That’s why many websites require you to use a mixture of characters and may even rank the quality of the password you propose.
If you, like me, try so hard to thwart cyber criminals that you make your own passwords too hard to remember – there are handy apps for that like 1Password. This service controls all of your passwords and PINs, accessed by just one password.
You can also consider the advice of some industry experts who recommend using long “passphrases,” which can be extra difficult for hackers or computers to guess. For instance: “Your.Mom.Couldnt.Guess.This.In.195.Years.Squirrels!”
Or you can just hit the trusty “reset” password on the regular, and start the vicious password-creating cycle all over again.
Bottom line here: make your passwords difficult to guess by mixing numbers, letters and special characters when allowed. And change them regularly.
Repeating Passwords, Repeating Passwords, Repeating Passwords
Do you use the same password for multiple websites? You might think it’s harmless; you’re on a completely different website, why would it matter if you used the same password you also use for your email, Facebook, your website and Tinder?
It matters because cyber criminals know you do this, and they exploit it.
Earlier this year, the music streaming service Pandora alerted users to this very issue. Pandora did not experience a data breach, but analyzed data from another online service’s breach (rhymes with Shlinked Shin) and found matching usernames. Pandora contacted those users (myself included) to make sure we didn’t use the same passwords for both accounts, and encouraged us to change our Pandora passwords as well to avoid unauthorized use of accounts. Pandora went above and beyond in this case, and reminded many of its users of the risk of repeating passwords.
Bottom line here: don’t repeat your passwords between accounts, or a breach on one service could snowball into a much bigger problem.
It Takes Two-Factor Authentication
Another way to fight those sneaky cyber criminals is using two-factor authentication wherever you can.
Many online services offer a second key code to log in, sent by text/email or available on an app like Google Authenticator. This means that, even if someone gets ahold of your password for an important site, they still can’t access your account without that magic key.
Bottom line here: it’s worth doing this quick two-step where offered for a little extra peace of mind.
Staying Private in Public
It’s a special feeling of relief when you find free Wi-Fi! It’s definitely a selling point for many coffee shops, and blessed gift in airports. However, you should always limit your online activity when using public Wi-Fi.
Why? Because most public Wi-Fi is unsecured, which means you use it at your own risk.
When Wi-Fi is unsecured, hackers can have easy access to see what you’re doing and steal important information. While some may say that as long as you stick to encrypted sites (https:// in URL) you should be safe, I avoid anything that requires me to log in. That means shopping online or checking bank details while on public Wi-Fi is out of the question. CNet also has some helpful tips for using public Wi-Fi.
There is a nice solution if you must handle sensitive business in public, and it’s probably in your pocket – a wireless hotspot.
Most smart phones can be turned into a wireless hotspot, as long as you have phone signal and the right plan. With your own wireless hotspot you can create a password-protected wireless signal, or connect directly via USB, to keep online lurkers off your connection. There are also a slew of hotspot devices you can purchase if your phone can’t support your need for the interwebz. No judgment!
Bottom line here: public Wi-Fi should be used with caution and restricted to benign use, like cat videos.
Online criminals make the internet more complicated, but they shouldn’t spoil our fun or keep us from getting stuff done! Check out Homeland Security’s Stop.Think.Connect. campaign for more tips on how to stay safe online.