Over the last few years, it seems everyone’s information is getting stolen. People’s Yahoo accounts are getting hacked, their online banking passwords are being compromised, even ATM machines are being hacked to steal credit and debit card information. And with ransomware on the rise, it seems like there’s no other option but to just burn all your devices in a fiery pit and switch back to good old pen and paper.
But we’re not Neanderthals. There’s no need to resort to those kinds of extremes. So below are a few good tips to keep your information safe from hackers.
“Password123” or “MyName” is not a strong password just because it has letters AND numbers. Hackers aren’t stupid. They wouldn’t be hackers if they were. Passwords work best when they’re complex, using a random mix of numbers, letters, and special characters in all different cases. And the longer and more random, the better.
“What kind of tech hacker babel is this?! Two factor authenty-whaty?!”
It’s really not all that complicated. Single factor authentication is entering your password – you’re the real deal because you know the password. But nowadays, this isn’t enough. Most (well run) websites have the option to enable two-factor authentication which is a second layer of authentication.
The way it works is, after entering the correct username and password for your account, you’re sent a text message with a temporary password. You’ll have 5 minutes to enter that password in to your account in order to successfully log in.
This seems annoying at first, but it’s really a great feature. Even if a hacker has your password, they won’t be able to login without having your phone on hand to receive that passkey. And you’ll know about the hack attempt, because you’ll have received a text. Neat, huh?
One thing people don’t consider is if you use one username and password in one place, you’re likely to use it in multiple other places. In fact, according to Naked Security, 55% of net users use the same password for most, if not all websites. And this isn’t news – hackers know this. Ask yourself this – is my facebook email and password the same as my online banking email and password? Probably! So if a hacker gets ahold of your Facebook credentials, you know that bastard is going to use those to get your banking information, as well.
So as often as possible, use different passwords. For everything.
I know, doing this for all your online accounts can seem daunting at the very least. You may ask, in a very Steve-Brule-y tone of voice, “Well, David, how the hhhhhheck am I supposed to memorizes all those stinking passwords?”
Simple, you could…
When it comes to memorizing passwords, what I’ve found useful is to…not memorize them at all. Instead, you can use a password manager, like LastPass.
LastPass is password manager you can use in just about any browser. The idea is that you have one email and password for your password manager that you memorize, and use it to generate incredibly complex passwords on your behalf.
LastPass makes the process easy, by allowing you to auto-login to websites, or auto-fill username/password fields.
When a website gets hacked and finally announces that your information might have been compromised, it could be days, weeks, even months after the attack already happened. If you change your passwords on a regular basis – weekly or even monthly – chances are you’re information is safe. NOTE: That’s not to say that if your email provider discloses a breach you shouldn’t IMMEDIATELY CHANGE YOUR PASSWORD. Better to be safe than sorry.
Cloud storage is becoming more and more affordable. As little as $10 a month you can get 1TB of cloud storage through Google Drive or Dropbox – likely more than enough storage for the average user.
Why use the cloud? Let’s say you get infected with ransomware, and all the files on your computer are locked. Rather than paying an outrageous ransom or risk losing everything, all your files will have been already backed up to the cloud. So now, you could simply take your computer offline, re-install windows or OSX and re-download your files from the cloud
Don’t trust the cloud? Build your own.
Malwarebytes is the real deal – and as far as I know, their anti-malware product is the only product that has the ability to stop a lot of ransomware. Its scanner is heuristic – meaning it essentially learns malicious behavior, and can stop all kinds of malware and viruses before they have the chance to do any sort of damage, and often before that sample of malware has even been cataloged or discovered by anyone else.
Malwarebytes even has an Anti-Ransomware tool in beta that you can download right now (keyword being BETA – it’s a working, but unfinished, product, released for the sole purpose of allowing users to submit bugs to the developers).
Avoid getting “phished”. Phishing is when someone tricks a user into sending them their username and password, usually by creating a fake login page that looks exactly like the real deal. Check out this facebook login page:
Looks legit right? Well it’s not – have a look at the URL.
Some phishing sites are more clever, and will come really close to the URL, like “facbook.com” (missing the “e”).
As a rule of thumb, you should never click a link from someone that looks out of character for that person; but if you do, and you’re asked to log in again, check that URL!!!
Never email someone a password. Avoid emailing anyone your social security number, or your credit card number – even if you trust them. They may not be following these best practices like you, and your information could be compromised because THEY got hacked – that would suck, wouldn’t it?
If you need to share that kind of information, write it on something that can easily be shredded and/or burned.
Keeping these safety tips all to yourself won’t keep the world around you safe. Spread the word, share these tips with your friends so they can be as safe as you!