Passphrasesbeatpasswordsanytime! This is one of many perennial tips that should be second nature to everyone.
Welcome to 2020, where everyone can be affected by cybercrime. With 1.16 billion email addresses, 540 million Facebook users, and 500 million Marriot customers exposed to cybercriminals in Q1 2019 alone, these attacks show how unsafe we are from the depredations of hackers and online extortionists.
That said, it is not all doom and gloom. The good news is that by taking just a handful of simple precautions you can greatly reduce the risk of being exposed and become much safer online. Even better—you can do these today.
Tip 1. Browse smart
First and foremost, start by securing your everyday browsing habits. Many online threats are disguised as harmless distractions or too-good-to-be-true offers. Phishers and social engineers will try to trick you into exposing your personal information by bombarding you with “free” offers, online quizzes, and legitimate-looking emails.
Merely clicking that “free iPhone” link or entering your name and address to “claim your prize” can result in identity theft or a malware infection. In fact, a whopping 32% of data breaches start with a phishing email.
To avoid these types of threats, you should:
- Always pay attention when clicking anything on the web
- Share responsibly (and avoid sharing your personal information online whenever possible)
- Use an anti-script browser extensions to prevent websites from running malicious code
- Use the free HTTPS Everywhere browser extension to force websites to use the secure HTTPS protocol
While this is no 100% bulletproof solution against someone sneaking malicious code into your device, checking your browsing habits is a good first step at increasing your protection from the most obvious threats.
Tip 2: Use passphrases instead of passwords
Next, go to haveibeenpwned.com and see if any of your current passwords have been compromised. If so, you will have to change every password associated with your “pawned” accounts, as well as any duplicate passwords you might have reused on your other accounts for the sake of convenience.
We have all heard that “weak” and “easy to guess” passwords are as safe as used needles— the number one password worldwide in 2019 was—you guessed it… “123456”. Contrary to popular belief, however, cracking regular “strong” passwords like “Z;G$%k4!“ is also a breeze. Unlike keeping them memorized.
Which is why you should upgrade your passwords to passphrases. Here’s an example: “Passphrasebeatspasswordeverytime!”
This sample passphrase has:
- Uppercase letters
- Lowercase letters
- Special characters
- 33 characters in total
This means that the passphrase would take a password generator about 1 tredecillion (10 followed by 42 zeros) years to crack. Best part? It is easy as pie to remember.
If memory is not your strongest suit, though, there is no reason to panic: just use a password manager.
Password managers are specialized apps that store all of your passwords in a secure digital vault. All you have to remember is the one passphrase you will use for the password manager itself.
Tip 3: Boost security with two-factor authentication
According to a Verizon Data Breach Report, 80% of breaches could be avoided by using two-factor authentication.
Two-factor authentication (2FA) will provide your online accounts with an extra layer of security by requiring you to confirm your identity after you enter your credentials when logging in. This is usually done entering a temporary code or biometric on your phone. That way, even if someone cracks your password, if they do not have your smartphone with the code, they will not get into your account.
Make sure you enable 2FA everywhere you can, including:
- Social media
- Cloud file storage
- Online shops
Tip 4: Never connect to public Wi-Fi without a VPN
So far, we have discussed ways to secure your accounts against identity theft and malware. But what about attackers looking to hijack your device when you are on the road? In this case, passphrases, anti-script apps, and smart browsing might be of no help. To keep these cybercriminals at bay, you will need a virtual private network service(VPN) for protection.
When at work or home, you are likely protected by a firewall or a router secured by a long and complicated password. However, when you are on the go, you will probably end up using public Wi-Fi service at least once or twice.
The issue with public Wi-Fi is that it is often wide open for an attack. When you connect to an unsecured Wi-Fi network, you are an easy mark for hackers. And that is where VPN services come in. VPNs create a secure and encrypted connection over the Internet via remote servers all around the globe, and accessible via their desktop and mobile apps.
VPNs encrypt your entire online traffic, which makes it almost impossible to sniff the keys needed to access your device.
Tip 5: Keep your apps up to date
Finally, make sure you do not click that “Remind me tomorrow” button ever again.
As the infamous WannaCry ransomware attack reminded hundreds of thousands of users back in 2017, ignoring software updates can cost you your device and every single bit of precious data on it.
This means that every day you postpone updating software, is another day cybercriminals have to identify and exploit its vulnerabilities. By regularly updating your OS, browser, and security apps, you will minimize your risk of exposure to cyber threats from hackers, malware, and other nefarious actors. The easiest way to never miss an update is to enable automatic updates wherever possible.
(Editor’s note: The caveat of frequently updated apps is that crippling bugs and unintentional features may also come along with the update. As well, important features could be crippled or made unstable, causing serious downtime in workflows that rely on such software. So before installing any update to a vital app or system, make sure to create a system restore point, or take a snapshot image of your entire OS, so that you have something to fall back on in an emergency.)