In case you haven’t heard, some people just love stealing other people’s personal information. There were two more security incidents this past May. Twitter saved users’ passwords in unencrypted plaintext, leading to a major national story. In local business, Malley’s Chocolates website was hacked, leading to the theft of personal information and credit and debit card details.
This trend of personal information theft isn’t slowing down, but that doesn’t mean that you can’t take precautions to protect yourself from these online evildoers. Here are some guidelines and best practices to follow, whether you’re an internet novice or a seasoned veteran.
Noobs: For those who know very little about internet safety.
- Don’t use your debit card for online purchases, or for any purchases really. An attacker could drain your checking account and it could take weeks to recover.
- Never respond to emails that ask you to verify your identity by providing your username or password. Think of it like someone walking up to you on the street and asking for your username and password. No need to respond, just move along.
- Stop writing passwords on Post-its stuck to your computer. You know who you are.
Average Joe: For those who use the same three passwords, which all include a street address as part of the password:
- Use a unique password for every site. If your password is compromised on your Twitter account and you use the same password for Facebook account, you’ll have a major social media crisis on your hands.
- Can’t remember the 100 accounts that you manage? Use password manager software to store your passwords, such as LastPass.
- Use a password generator. Your password doesn’t have to be a random sequence of 25 numbers and characters. Randomly-generated phrases can be hard to guess and easy to remember. Who’s going to forget Burnt-Flawless-Manatee-Bunion7?
- Avoid using common personal information for security questions and use another password instead. Your birth date or first pet’s name can be easily obtained or guessed by an attacker.
Veteran: For those who are more tech savvy:
- Enable two-factor Authentication on your supported accounts. This requires another piece of identification other than a username and password. Typically, a cell phone number is used and a temporary code is sent via text that is needed to complete the login.
- Put a port block on your cell phone to block transferring your phone number to another carrier. This will help prevent thieves from circumventing the two-factor authentication.
- Create a backup email account solely used for account recovery purposes. This lets you keep an eye on your accounts and provide another safeguard for account recovery.