5 tips to protect yourself online

October is cybersecurity month, and The Dunham Group is offering five tips for you to make sure your cyber information is safe.


Tip 1: Make sure you have not been part of a hack! 

The first thing that you need to know is whether any of your accounts have been part of a hack or data breach. A quick way to see if nefarious parties have collected your information is to type your email into this website, and it will let you know if you have been part of a known breach.

https://haveibeenpwned.com/


There are two outcomes: 

“Oh No! You’ve been hacked! It is time to secure yourself by following these steps.”

Or

“Good! It says I have not been a part of any hacks!”


Well, hold on! Just because it says your email is in the clear does not necessarily mean that your information is safe. The site only covers known data breaches, so a clean result does not mean you are safe. It is still worth it to protect yourself.

What can I do?

Tip 2: Don’t Use Common Passwords

One technique that hackers use is a dictionary attack: they take a list of the most common passwords or words and try each one with your username to see if there is a match. The two most common passwords, “123456” and “qwerty”, will be tried first! Even getting creative with words or phrases will not protect you well. According to a recent study, the most common passwords with names are “ashley” and “michael”, and if your password is your favourite band “blink182”, congratulations, you have the most common band name password. [1]

It is always best practice to use a random string of letters, numbers and symbols. The longer your password is, the harder it is for hackers to use brute force attacks against you. In a brute force attack, a program tries every possible combination to get into your account. If you have a one-character password, it will take up to 80 tries, but if you use eight characters, it could take over 1.6 quadrillion guesses. [2]

Tip 3: Use Different Passwords for Every Single Account

Another common way hackers infiltrate accounts is credential stuffing: taking username and password pairs that have been part of a data leak and trying them on other platforms. In 2016 LinkedIn had over 164 million emails and passwords exposed (as part of the 2012 LinkedIn hack). [3] This means anyone could buy part of the list and start using it on Facebook, email and other accounts to try to gain access. If you had the same password for LinkedIn and Facebook, then they can access your account.

If you use the same passwords for multiple accounts, then they are all vulnerable if one of those companies has a data breach.

So, a different password for each account will isolate your vulnerability and help keep you safe if one system fails.
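The checks from Tips 2 and 3 can be run locally over your own list of logins. The following Python sketch is an added example, not part of the original article: the `audit` and `max_guesses` names, the sample vault and the eight-character threshold are assumptions made for illustration, and the 80-character alphabet is taken from the brute force figures in Tip 2.

```python
from collections import defaultdict

# The common passwords named in Tip 2; a real audit would load a much longer list.
COMMON = {"123456", "qwerty", "ashley", "michael", "blink182"}

# Tip 2's brute force figures assume 80 possible characters per position.
ALPHABET_SIZE = 80
MIN_LENGTH = 8  # assumption: the eight-character example from Tip 2 as the floor


def max_guesses(length, alphabet=ALPHABET_SIZE):
    """Worst-case number of brute force guesses for a random password."""
    return alphabet ** length


def audit(vault):
    """Return {account: [findings]} for a dict mapping account -> password."""
    accounts_by_password = defaultdict(list)
    for account, password in vault.items():
        accounts_by_password[password].append(account)

    report = {}
    for account, password in vault.items():
        findings = []
        if password.lower() in COMMON:
            findings.append("common password (first guess in a dictionary attack)")
        shared = sorted(a for a in accounts_by_password[password] if a != account)
        if shared:
            findings.append("reused on " + ", ".join(shared) + " (credential stuffing)")
        if len(password) < MIN_LENGTH:
            findings.append(f"short: at most {max_guesses(len(password)):,} guesses")
        if findings:
            report[account] = findings
    return report


# Constructed sample data; never paste real passwords into a script file.
SAMPLE_VAULT = {
    "linkedin": "blink182",
    "facebook": "blink182",
    "email": "qwerty",
    "bank": "t7#Lq9!vRz2@",
}

if __name__ == "__main__":
    for account, findings in audit(SAMPLE_VAULT).items():
        print(f"{account}: " + "; ".join(findings))
```

Only the long, random, unique password on the sample "bank" account passes all three checks.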

Tip 4: Password Manager

Between using a random string of characters and having a different set of random characters for each account, it becomes nearly impossible to keep everything straight. That is why there are many password managers out there to keep all this information for you. With this type of tool, you can have strong and unique passwords for every single account.

If you are interested, check out this Wired article ranking the best options out there:

https://www.wired.com/story/best-password-managers/

Tip 5: Change Your Passwords Regularly

Scammers can use your old passwords against you by emailing you to say that you have been hacked and that they have taped your webcam. What makes this genuinely jarring is that the “proof” they use is showing you one of your passwords. It is scary to see that they have a piece of information you thought was secret. They will usually ask for money, or they will send all your contacts everything you have been doing online. In reality, you were not hacked; they bought a list containing your email and password.

Once you have a password manager, it gives you a fair amount of flexibility to change your passwords regularly. The more often you change your password, the better. Data breaches do happen, and it is usually months or years later that they come to light, but if your password has been changed, then your login info is useless to them.

There are many ways to protect yourself online, but you should consider these suggestions to help keep your online accounts secure.

If you have any questions, please contact The Dunham Group.

Resources

  1. https://www.ncsc.gov.uk/news/most-hacked-passwords-revealed-as-uk-cyber-survey-exposes-gaps-in-online-security
  2. https://www.digitaltrends.com/computing/crack-this-how-to-pick-strong-passwords-and-keep-them-that-way/
  3. https://www.troyhunt.com/observations-and-thoughts-on-the-linkedin-data-breach/
