The National Cybersecurity Alliance emphasizes four areas of online safety. These include multifactor authentication, password management, software updates, and phishing awareness.
From them comes several tips which can improve your online safety.
Hackers have become increasingly adept at stealing and cracking passwords. For this reason, you can enable an extra step of authentication called “multifactor authentication” also known as “MFA.”
Many, if not most online accounts that host sensitive information have MFA available. All you have to do is turn it on. When you do, you’ll have to enter an additional code that comes either from a text message or an authenticator application.
Make sure you have MFA enabled on every website and app that makes it available to you.
Passwords come with yet another weakness. People can’t remember long, complicated passwords, so they choose something easy to remember and use it on all their online accounts.
Password managers make possible the use of secure passwords without becoming a substantial burden on you, the user.
With a password manager, you store your passwords in a vault, secured with a master password and MFA. Inside the vault, the password manager can create new strong passwords, monitor for repeat use of the same password, and automatically fill-in your username and password on most websites.
You can use a free password manager, such as the ones provided by Google and Microsoft. You can also use a free open source password manager or a paid solution such as LastPass. Generally speaking, the paid solutions work better that free password manager apps. Paid products also are easier to use and come with a higher degree of security.
When criminals or security researchers discover defects in the software and online resources you use, the developers of those products create patches and updates to fix those flaws. It’s your job, however, to make sure all the updates for all your applications have been applied.
From Windows and Macs to iPhones and Android, you need to make sure you and your devices check for updates and promptly install them. This applies to your software applications as well. For example, if you use Microsoft Office, you should make sure you install updates as they become available.
If you don’t keep your devices and software updated, criminals can (and will) use the known flaws in them to gain access to your confidential information. They can also use un-patched flaws to install malware, spyware, and ransomware on your devices.
Emails that appear to come from reputable sources trick you into clicking links that lead to malicious websites that appear real. When you visit a phishing website, you enter your login details and sensitive information while trying to access an online app or portal.
With phishing, rather than gaining access to the resources you need, however, you actually get a fresh does of malware or ransomware on your device. Additionally, the criminals behind the phishing operation can sell your login credentials on the Dark Web,
If your login information becomes available online and you use the same username and password for multiple websites, one phishing attack can give criminals access to many or all of your online resources. This helps you understand why you should use a unique password on every online resource you use. If you do, criminals will gain access to only one of your accounts, should you fall victim to a phishing scam.
Want to go Further?
Learn more about online security by visiting the National Cybersecurity Alliance. Their website is staysafeonline.org.