Identity Security Best Practices Part 2: Cyber Identity Protection

Wednesday, October 17, 2018 |

Cyber Identity Protection
 

  • Passwords
    • Must contain at least 8 characters with both upper & lower-case letters, and a special character. Phrases that contain all of these are best. For example (in italics):
      • Mydogzeke’sbirthdayismay15
      • “I am happy to be 28!” could be 1am:)2b28!
      • “To be or not to be,” could be 2borNot-2b
    • Anything less than the above can be determined by computer algorithms in minutes to days. You could also use your keyboard as a palette to create a shape that is easy to remember: for example, @wsxdcft^ makes the shape of a W on the keyboard.
    • Never use personal information (such as street names, pet’s names, DOB, mother’s maiden name, etc.) in your passwords. These can all be found easily via internet searches and social media.
    • Do not use slang terms, dictionary words, words spelled backward, or common misspellings.
    • Mix up passwords: never use the same one twice, especially for accounts where money can be transferred.
    • Never share your password.
    • Apply the same password rules for your home and business Wi-Fi modem.
    • Consider a password management program that creates different passwords and stores them encrypted in private accounts (e.g., LastPass, TrueKey, Password Boss). With these you only need to remember one password. They automatically sync your password data, so you can access them from anywhere. They are also extremely secure, and all your data is locally encrypted on your PC: only you have the power to unlock it.
  • Automatic Updates for Computers: Make sure automatic updates are set up for all operating, antivirus, and firewall software.
  • Install Spam Software: Junk mail is inadequate to collect spam. Add a separate software program for this.
  • Never Click on Links or Open Files or Documents from Unknown Sources: This is how most hackers penetrate and plant malware, which collects key strokes and everything on your screen.
  • Hover Function: Use the hover function by right clicking over the sender’s email name to confirm the actual email address of sender.
  • Beware Phishing Scams: Phishers can send emails which look completely legitimate from what appears to be Microsoft, Apple, PayPal, Amazon, etc. which asks to update passwords, software, etc. Hover over the address: if you can’t determine if it is legitimate, a Google search will often turn up whether this is a fraud.
  • Beware of Error Messages: Hackers can send error messages to computers to get you to click on them. With this information, hackers gather all your passwords and much more.
  • Beware of Public Wi-Fi: A common hacker technique is to create a fake Wi-Fi network and give it the name of the restaurant or coffee shop that customers frequent.
  • Activate Two-Factor Authentication for Website Access: This requires not just a password but a second element, such as a code texted to your smart phone: banking, savings, credit card, and other financial accounts offer this option.
  • Activate Two-Factor Authentication for Email Access: Activate two-factor authentication on your email account for anytime your email is accessed from an unfamiliar computer or phone. This sends you a code by text. Better yet, download an authenticator app such as Google Authenticator or Microsoft Authenticator, which generates these codes without the need for texts, which could be intercepted.
  • HTTPS vs. HTTP: Make sure the web addresses you are browsing begin with HTTPS not HTTP. HTTPS is the secure version of HTTP.
  • Never Use Facebook or Google to Login to Another Website: Websites will give you the option to log in with Facebook or Google. If even one of these accounts is compromised, and it links to others, then the hacker has access to several accounts with only one hack.
  • Mobile Devices: Phishing can happen on mobile devices. Phones can be hijacked, too. Password protect access to your phone, as well as your voice message mailbox, and make it complex.
  • Email is Insecure by Nature. Never send confidential information in an email. Word and Excel have free tools to password protect documents.
  • Never Forward Chain Emails: Chain emails are often a hoax and can contain phishing viruses and malware.
  • Be Prudent with Your Social Media Posts: The information you provide on social media creates data for hackers to figure out passwords. Posting pictures while vacationing also tells criminals that you are not home.
  • Use the FCC Smartphone Security Checker: Follow security tips for your phone's specific operating system using the customizable interactive tool.
 

When you click on any links provided here, we make no representation as to the completeness or accuracy of information provided, nor are we liable for any direct or indirect technical or system issues or consequences that may arise as a result of your access. When you access a link, you assume total responsibility for your use.

Back to News & Awards