It’s Cybersecurity Awareness Month this October, so we’re passing on a number of simple security recommendations for online activity, in order to promote Internet safety.
Never forget that any kind of business or work you do online – including email, shopping, social media sites, and surfing – warrants some level of scrutiny. So spend some time during Cybersecurity Awareness Month thinking about what you need to do to make yourself less vulnerable to attack as you use the Internet.
Changing passwords and making sure that you don’t use the same password for multiple sites is still very important – in spite of recent warnings that frequent password changes might result in simpler, more guessable passwords. If one of your accounts is compromised, you probably don’t want all of them to suffer the same fate. And the passwords you choose should be complex enough to not be easily guessed. Once you have dozens of passwords, you might elect to use a secure password repository to keep track of them.
You can also add levels of security for some of the services you use. I was surprised when I checked that multi-factor login credentials are easily configured for Gmail/Google.
When setting up a multi-factor login you can request that a code be sent to your phone – a code you need to enter after your password when you log in.
The choices include:
- Getting a prompt on your phone that you have to respond to by typing “Yes” (no codes to remember, but your phone has to be involved in the login).
- Using the authentication app to get a list of verification codes. No phone required. You’ll get ten codes, each can be used only once.
- Setting up a backup phone in case your primary phone is lost or stolen.
- Using a security key on a USB that you plug into your system.
Maybe someday all of your accounts will require some out-of-band confirmation that you’re really you. And, while this will add a level of complexity to every login, the extra trouble can go a long way toward keeping your accounts, your reputation, and your money safe.
Don’t trust links – examine them, retype them, and don’t click unless you’re confident they’re not leading you astray. Hover your mouse over links and make sure they point to the resource they pretend to point to. And beware of carefully crafted look-alikes. An extra letter, a 0 in place of an O, or a b in place of a d might not be obvious unless you look closely.
Don’t trust public WiFi
Don’t trust WiFi in public places with anything you wouldn’t share with anyone – especially don’t log into sensitive accounts like your bank accounts. You might be sharing everything you type and could be completely oblivious to the possibility that someone is ‘snooping’.
Article source: http://www.computerworld.com/article/3131019/personal-technology/cybersecurity-awareness-month-tips-for-online-security.html