You have probably heard in the news about the latest security breach that affected over 100,000 IRS accounts. This hack and the constant bombardment of phishing emails is prompting me to go over some important considerations about online security.
1. Don’t give away too much information about yourself
On social media sites, such as Facebook limit the information to the basic information necessary to create an account. In privacy settings mark information like your birthdate visible to “only me” and/or I don’t even enter the correct birthdate. Facebook won’t know the difference.
2. Create A Safe Username and Password
Websites have a two-level login: user name and password. Personally, I don’t like the ones that use my email address for the user name, unfortunately, often that is the only choice. But when a site gives you the extra level of protection — the user name — take advantage of it. Use a complex user name instead of your real name or something like “user” or “admin,” and then add a secure password.
So what is a secure password?
• it is at least 8 characters long (preferably 10 characters or more).
• it contains random uppercase and lowercase letters, numbers and symbols
• it is unique for every account.
• only you can remember it (you should not have to write it down).
Sounds too complicated? It doesn’t have to be. One way to go about it is to come up with a catch phrase you can easily recall. For example: “We are learning something new every day.” Decide on a consistent selection of letters, symbol replacement, numbers and capitalization rule to construct your password — w!aL&sne)D1. Can you see how I did it? Next, adapt this method to the various social media accounts. Once you become familiar with your own process you will be able to reconstruct an even longer password.
If this seems too tedious or you are afraid that you might forget the method then using a password manager can be helpful. An open source FREE service is http://keepass.info or www.dashlane.com.
3. Be smart about your answers to security questions
Your pet’s name, your best friend, your first car, etc., is all too often the question you are about to answer for “added level of security”. Well, not quite. If you answer those questions truthfully your account hasn’t gotten much safer. What you want to do instead is answer the question in a complete sentence and add an extra phrase or a string of numbers. Websites cannot check facts. So you can type anything as long as you can recall it later. Here is an example: “What was your first car?” Answer: “My first car was an old, beat-up Volkswagen. I wish it was a Mercedes.” If this process seems too complicated simply answer with an unrelated word such as “rainbow,” or whatever strikes your fancy. Make sure to add your choice to your password manager.
4. Don’t send your account login credentials via email
At times you might be asked for your credentials to a web hosting account or social media accounts. Call the person who is requesting the information for instructions.
5. Don’t click on links embedded in suspicious looking emails
Phishing scams are getting more and more sophisticated and the disguises are mind boggling. Those emails often appear to be from a long lost friend or a popular online site like Paypal, UPS or Amazon. Do NOT click on any embedded link. Delete the email!
Look for these warning signs:
• verify the sender’s email address
• look for a blurry company logo or look alike logo
• look for unrealistic statements like your account has 83476 files and will be suspended
• look for a link to an unrelated source (hover over the link to reveal the path)
When you spot a scheme you might want to report it to the company that is being impersonated.
I hope those suggestions come in handy. Safe computing!