Summer has officially come to an end and we’ve quickly moved on to cooler temperatures, football, and pumpkin everything. While we all may be looking forward to Halloween, October is also National Cybersecurity Awareness Month. The theme this year is “Do Your Part. #BeCyberSmart.” This theme encourages individuals and organizations to own their role in protecting their part of cyberspace, specifically putting an emphasis on personal accountability and the importance of taking proactive steps to enhance cybersecurity. Remember, if you connect it, protect it.
Here are a few ways to keep your and your family’s information safe this October, and beyond.
1. Create a strong password
One of the easiest, yet most effective things you can do to stay safe on the internet is to create a strong password. Passwords are a daily part of our lives. We need them to log in to our email, social media accounts, bank accounts, streaming services, and just about everything online. While many of us reuse our favorite password across a number of these accounts, this can be incredibly risky. The key to protecting yourself in cyberspace is to create a unique password for each account.
For optimal security, consider using passphrases. Not only are they longer and harder to hack, they’re also easier to remember. An example of a passphrase is (Please don’t use this as your password as it is no longer a secret!)
Remember, in order to minimize the risk of a cyber-criminal cracking your password, your password or passphrase should be at least 16 characters in length. The longer your password is, the stronger it is and the harder it is to crack. Additionally, using unique passwords for each account makes it more difficult for cyber-criminals to target you. While it may be easier to use the same password across all of your accounts, having unique passwords with more characters will only increase your online security.
2. Enable multi-factor authentication
Another great way to secure important accounts and stay safe in cyberspace is to enable multi-factor authentication (MFA). This provides an additional layer of security and is available with many online systems, applications, and websites. MFA requires two or more factors to gain access. These factors include:
- Knowledge – Usernames, passwords, PINs
- Possession – Security tokens, key fobs, ID cards
- Inherence – Retina or fingerprint scans
Enabling multi-factor authentication means that even if your password becomes compromised, a cyber-criminal still needs to clear one (or more!) authentication steps before they’re given access to your accounts. To help maximize your online security, enable multi-factor authentication whenever possible.
3. Use a password manager
Now that you’ve set up different passwords for each of your accounts, you may have trouble remembering which password goes to which account. This is where a password manager comes in handy. Not only does a password manager securely store your credentials and passwords, it can also automatically create new complex passwords and update your passwords when needed. The general rule of thumb is to change your passwords every six to twelve months as well as immediately after being notified of a breach. Most password managers will provide a report on your passwords’ age and strength, so you can also easily see when it’s time to change your passwords, as well as spot any possible weak or breached passwords you may have.
4. Protect yourself from phishing scams
Phishing is a cyber-crime where you are contacted by someone posing as a legitimate contact or institution via email, messenger apps, social media, telephone, or text messages. The goal is to lure you into providing sensitive data such as personally identifiable information, banking or credit card details, or passwords, or even into clicking on a malware attachment. Unfortunately, these attacks keep getting more and more authentic-looking, so it’s important to always be suspicious and think before clicking.
To help prevent yourself from becoming a victim of phishing, do these things:
- Check for spelling and grammatical errors
- Ensure the sender address matches the actual domain
- Don’t click any links or attachments until you’ve confirmed they’re legitimate
- If an email seems suspicious, reach out to that person through a separate communication to confirm they sent it
- If you’re unable to verify the email’s authenticity, report it to your email provider or IT security team
Remember, it’s always better to be overcautious than too credulous, so if an email seems unusual, always check its authenticity BEFORE acting on anything the email is asking you to do.
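The sender-address check from the list above, as an added example (not from the original article): it compares the real address in a From header, rather than the display name, against the domain you expect. The function names, result labels and the `.example` sample headers are constructed for illustration.

```python
from email.utils import parseaddr


def sender_domain(from_header: str) -> str:
    """Return the lowercased domain of the actual address in a From header."""
    # parseaddr separates the display name (attacker-controlled free text)
    # from the address that replies would really go to.
    _display_name, address = parseaddr(from_header)
    if address.count("@") != 1:
        return ""
    return address.rsplit("@", 1)[1].rstrip(".").lower()


def check_sender(from_header: str, expected_domain: str) -> str:
    """Classify a From header as match, mismatch, lookalike-risk or unparseable."""
    domain = sender_domain(from_header)
    expected = expected_domain.rstrip(".").lower()
    if not domain:
        return "unparseable"
    # Internationalized labels can render as near-copies of a known brand,
    # so flag them for manual review instead of trusting how they look.
    if not domain.isascii() or any(l.startswith("xn--") for l in domain.split(".")):
        return "lookalike-risk"
    # Accept the exact domain or a true subdomain. The leading dot stops
    # "notbank.example" from passing as "bank.example".
    if domain == expected or domain.endswith("." + expected):
        return "match"
    return "mismatch"


# Constructed sample headers (not real senders).
SAMPLES = [
    "Example Bank <alerts@bank.example>",
    "Example Bank <alerts@mail.bank.example>",
    '"support@bank.example" <alerts@evil.example>',      # address only in display name
    "Example Bank <alerts@bank.example.evil.example>",   # expected name used as a prefix
    "Example Bank <alerts@notbank.example>",              # suffix trick
    "Example Bank <alerts@xn--bnk-5ya.example>",          # punycode label
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{check_sender(header, 'bank.example'):15} {header}")
```

A "match" only means the visible address is on the expected domain; the From header itself can be forged, so confirming through a separate channel still applies.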