- Have a Secure and Unpredictable Password This may seem like an obvious one, but you’d be amazed at how many people have insecure passwords like “password,” the name of the site, their birthday, their first name, etc. These are the first passwords that any hacker will try! Here’s a list of passwords to avoid:
Anything related to your personal details (name, birthday, birthplace, maiden name, etc.) Words related to the site itself. For example, if it’s your Facebook password, do not use the password “Facebook” or any variation (i.e. “Facebook123″). Dictionary words. If someone tries to brute force your account, it can be cracked in a matter of minutes if you use a common dictionary word (i.e. “dog,” “cat,” “chocolate,” etc.). Short passwords. Regardless of what your password is, never have a short one! Do not store your passwords in a text file on your hard drive! If you ever get a virus or lose control of your computer, someone could steal your entire list of passwords! Do not use the same password on more than one website! If you do and someone manages to hack into one account, they’ll then have access to all of them. It’s like using the same key for your house, safety deposit box, and car. You lose the key, you lose everything. Minimise the damage! Now here are a few tips for good passwords!
Your password should be at least 8 characters long, but more like 10-15 is even better! The best password is a long combination of random numbers, letters, and symbols (i.e. Dxg]G9xB%8]Uh). If you think that’s too difficult to remember, you can try coming up with a phrase that’s only meaningful to you and turning it into letters, numbers, and symbols. For example I<3MRed4re! (I love my red Ferrari). But remember to still avoid matching the topic of the website. If it’s a car/Ferrari forum, do not choose a password that relates to cars or Ferraris, since that will be a hacker’s first guess! Furthermore, try to disguise the phrase as much as possible. If it’s something obvious like [email protected], it’s hardly much better than “Ilovecats,” which is a very insecure password! Alternatively, long strings of complete sentences work well too! Examples include: “The horse’s mom climbed up the wall!” It’s a legitimate sentence so it’s easier to remember than random strings of characters, but it still contains upper and lowercase characters and symbols! Always use a different password for every website. is it enough? Now you must have to check this eye-opening article : Password myth a hacker don’t want to let you know 2. Secure Your Recoveries! Most recovery systems set us up to be hacked.. not on purpose, but it just comes down to poor design. Common recovery questions include:
What is your maiden name? Where was your first honeymoon? What is the name of your hometown? What was the name of your first school? Who is your best friend?
With everyone using social media sites and blogging about their lives, almost anyone can find out the answers to these questions in a matter of minutes. You probably posted about your honeymoon on Facebook, the name of your first school can easily be determined on social media sites or through a bit of research (discovering your hometown and Googling to find elementary schools in the area), and your best friend might even be listed on your many social media profiles! See what I mean? This information is not safe. If someone wanted to get into your account, all they have to do is answer the recovery questions and those answers can easily be determined. So how do we fix this? Treat each recovery question like another password. Instead of answering the questions legitimately, submit your answer as another string of random numbers, letters, and symbols. So your recoveries might look like this: Now for websites you don’t care about and websites that do not have any sensitive or personal information stored (unlike online banking), you probably don’t have to bother with such extreme security measures. But for any websites you do care about, having secure recoveries can save your account. 3. Storing and Encrypting Passwords So you’re probably thinking, “I’m not going to bother with these security measures… I mean I’ve never had any problems before and this all just looks like so much effort. Besides, I won’t remember all these insane passwords and recoveries anyway!” That’s true, which is why we have a solution! Remember when I said to never store your password information in a text file on your hard drive? There is another way to store your information! There are a handful of applications which will store and encrypt your password information. It’s the encryption that makes all the difference! I personally use 1Password. This application is available for Mac, Windows, iPhone, iPad, and Android. It stores all of your password information (and you can optionally also store credit card information and notes) and then encrypts it. You choose one password to protect all of your other passwords. Then even if your computer is compromised, no one can access your list of accounts, passwords, and notes unless they have access to the password you selected. So pick one password to protect all the others, and make sure it’s a strong, secure one! The application will also store install add-ons so you can log into your website just by clicking the 1Password button and it will automatically submit your account details! This is a great way to easily have multiple complex passwords but still keep yourself protected. The application also comes with a great random password generator to help you select passwords for your new accounts! 4. Protect Your Computer With Antivirus Software!
Keeping your actual computer safe is a huge part of internet security. Without it, your computer could get infected with viruses or keyloggers, or other malicious applications that can steal your personal information or completely destroy your computer. So install a good antivirus program and do a full scan (NOT a quick scan!) at minimum once a week. This website has some good antivirus reviews. The top two at the moment (according to that site) are Bitdefender and Kaspersky (which I use). If you’re using Windows and just want something easy and free, at least download Microsoft Security Essentials. There are better options, but using MSE is better than using nothing! 5. Beware of Phishing and E-Mail Scams Whenever you get an e-mail that’s asking you to click a link, always check the URL! You can do this by hovering your mouse over the link and checking the status bar at the bottom of your browser. The status bar will tell you where the link really leads. For example: A link may be disguised as leading to https://www.paypal.com but in reality, it may lead to https://www.paypal-com.co or some other slight variation. This has become an increasingly serious issue with smartphones in particular. Smartphones have smaller screens, which means less of the URL is displayed in the address bar, which makes hiding scam URLs even easier. 6. Use 2-Step Verification!
Whenever possible, use two-step verification. One example of where this exists is Gmail. You can optionally set up two-step verification which allows you to link your phone to your e-mail account. You can download a Google app on your smartphone, which will generate a one-time code for you to use. You will have to enter this code in order to sign into your e-mail account. What does this mean? It is impossible for anyone to access your e-mail account without also having your cell phone in hand! It is a fantastic layer of security that you should always take advantage of whenever possible!