In this new world of zoombooming, facebook cloning, and email spoofing, digital security is as important as it has ever been. We should all do regular check-ups on our security and privacy settings online – and this is the perfect time to do it!
Here are some simple things you can do to improve your online security during this time. This first post will look at a few things you should stop doing, post two will look at things you should start doing, and future posts will have specific recommendations for different online platforms that are widely used.
1. Don’t Repeat Passwords
I get it. Really I do.
You come up with one good password. It has that right combination of numbers, letters, and special characters that works for most sites.
You can ever remember it from day to day!
But as soon as you start repeating passwords, you become significantly more vulnerable to having your security compromised.
Every year, one website or another is hacked, and their database of users and passwords is violated.
Let’s say a low-risk site for you is violated. Last year, Canva was compromised – a site that many people use to create graphics, and don’t store a lot of personal information. No big deal.
But, the person who hacked Canva now has your email address and password. And any other site you used that password for, they can now use that combination of email / username and password to gain access to.
Even though it makes your life easier, don’t re-use passwords.
2. Don’t Use Personal Info in Passwords
This too is all about memory. Meaningful information is easier to remember.
But meaningful information is also easier for to guess.
Important dates in your life or the lives of your loved ones. Birthdays, anniversaries, graduation dates.
Important people or places in your life. Your hometown, your child’s name, you pet’s name.
Avoid it all.
3. Stop Doing Those “Quizzes”
List all the places you’ve lived. What was your first car. What nicknames have you had.
Every one of these quizzes is a treasure trove of information for people who would like to steal your identity.
Many of the questions in these “Let’s learn more about each other” posts are also the answers to common security questions online.
Say you lose the password to your mortgage lender’s website. They may ask you about past addresses, or first cars, or first pets, or similar questions to determine that you are who you say you are before they let you back into the site.
Now, imagine that someone else has the answers to those questions, and goes to your mortgage lenders website and says “Oh, I forgot my password, but I can answer all these questions.”
Of course the risk is lower if you have your security set tightly on social media (a topic for another day), but the risk is even lower still if you just don’t play along with those games.
There is a similar sort of risk with the quizzes that take you to websites outside of facebook. You know the ones: What does your favorite color tell us about your personality. Which Tiger King personality are you. What would be your ideal profession.
Each one of these websites asks you an important question before they give you an answer. “Can we access your facebook information.”
You probably haven’t noticed the question – how often do we just click right through terms and conditions without reading them?
But you have said yes. Which means that now, and until you revoke that permission, whoever owns that website has access to your facebook account and all the information on it.
Let that sink in: Whoever owns that website has access to your facebook account and all the information on it.
The momentary dopamine hit you get from playing along with the quiz is not worth it.
4. Don’t Store Your Passwords on Your Computer
All these complex passwords are hard to remember!
Especially as we are required to have more and more log-ins, with more and more complexity to the passwords. Who can possibly remember them all?!
So, people do the natural thing. They create document on their computer or a note on their phone, often with the creative name “Passwords” or “Logins.”
All it takes is one person to gain access to your computer, and they would then have access to your whole life.
It could be via a hack and someone gaining remote access to your computer. Or it could be as simple as a technician performing maintenance on your device.
It doesn’t matter how unlikely it is. It only has to happen once.
In my next post we will talk about some ways other than a file on your computer for accessing these many passwords we all have.
For now 1) Don’t repeat passwords, 2) Don’t use personal info in your passwords, 3) Avoid the temptation on online quizzes, and 4) Don’t store your passwords on your computer.
Next steps: The second post in this series, on best practices.