Basic Online Security and Password Tips
There seems to have been a lot of Security type news recently (cheers Facebook…), and I’ve been surprised at how little people know when it comes to basic internet and password security.
With that in mind, here’s a few basic tips that I think EVERYONE should know.
(Feel free to share if you wish!)
1. Deactivate Facebook logins for old unused services
To do this click on Facebook’s Settings and then ‘Apps and Websites’. You can then see a list of all the websites that you have logged into with Facebook (and most likely shared a little too much information with them!). Select any you don’t use any more and remove them.
2. Log out of Facebook sessions which you don’t use
Again under Facebook Settings, head to ‘Security and login’ and take a look at all the Devices/Browsers your Facebook account is logged in on. Completely clear this list to force Facebook to log out of all of those places. It’ll keep you logged in to your current session, of course.
3. Don’t use your primary email for rubbish
If you’re signing up for something you never plan to use again (think “Sign up to our Newsletter to get 10% off your first purchase!”), and won’t be sending any confidential information to your email, then use a publicly accessible ‘burner’ email. This can be accessed quicker than your actual email, by using a service such as https://www.mailinator.com. You can thank me later for that tool.
4. Don’t share passwords between websites
I repeat. Don’t. Share. Passwords! But how do you remember all those different passwords? You don’t. Use a password manager instead, such as https://lastpass.com. You can then simply access all your passwords, on any device, in different locations, using a single Master password. Just make sure that your single Master password is secure, not used elsewhere, and not written down!
5. Use strong passwords
A nine character “a-z” type password, such as the word “notepads”, can be cracked in milliseconds. Passwords should ideally be over 8 characters long and contain a mixture of lowercase, uppercase, numbers, and punctuation. If you use a password manager you can generate these automatically in seconds!
6. Don’t take breach notifications lightly
Companies are legally required to notify you when your data may have been hacked. If this means they have been able to get hold of the email and password you used for the hacked site, then that now means they likely have your email and password for many other websites which you have shared the same information with. But you don’t have to worry about that, because you don’t share passwords…right?
7. Check the actual Email ‘From’ address of dodgy looking emails
The From address may come up in your email as something normal such as “PayPal”, but if you click the sender to reveal the actual email address, you may find the domain name used in the email doesn’t match the website it claims to be from. E.g. [email protected] is clearly not from the owners of paypal.com.
Remember if it’s too good to be true, it likely is!