How to secure your accounts and passwords

This post will kick off a series of articles on cybersecurity. Today, we will focus on passwords, and I will tell you how to ensure that our passwords are good, strong, and secure.

Passwords are a crucial element of our digital lives, granting us access to various online services such as email, banking, shopping, social media, and more. However, passwords can also be an easy target for hackers seeking to exploit our personal, financial, or professional data. Therefore, it is essential to protect our passwords and online accounts from cyber attacks. In this article, I will present a few simple and effective ways to do so.

1. Use strong and unique passwords

The first step in securing our accounts is to use strong and unique passwords. A strong password is one that is long, complex, and difficult to guess. A complex password may include various types of characters, such as uppercase and lowercase letters, numbers, and symbols. However, if it is long enough, another good choice is to “string together” 3 or 4 random words, making the character count above 15. A difficult-to-guess password is one that is not related to our personal data, such as name, surname, date of birth, address, phone number, hobbies, pets, etc. A unique password is one that is not used for other online accounts. Using the same password for multiple online services increases the risk that if one of our accounts is compromised, the others will also be vulnerable to attack.

Example of a strong and unique password: XyZ!3aB@9kL#1mN$ or eveningwritingpowershellscripts
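Both styles of password described above can be generated with a cryptographically secure random source. The sketch below is an added example, not part of the original article; the word list is a small constructed sample, and the eight-symbol set and the function names are assumptions made for illustration.

```python
import math
import secrets
import string

# Constructed sample list for illustration only: far too small for real use.
# A 7776-word diceware-style list gives about 12.9 bits per word.
SAMPLE_WORDS = ["evening", "writing", "garden", "planet", "silver", "window",
                "bridge", "candle", "forest", "harbor", "jungle", "kettle",
                "ladder", "marble", "nature", "orange"]
SYMBOLS = "!@#$%^&*"
ALPHABET = string.ascii_letters + string.digits + SYMBOLS  # 70 characters


def random_password(length=16):
    """Random characters from the OS CSPRNG, redrawn until all four classes appear."""
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)
                and any(c in SYMBOLS for c in pw)):
            return pw


def random_passphrase(words=3, wordlist=SAMPLE_WORDS, min_chars=16):
    """Join randomly chosen words, redrawing until the result is above 15 characters."""
    while True:
        phrase = "".join(secrets.choice(wordlist) for _ in range(words))
        if len(phrase) >= min_chars:
            return phrase


def entropy_bits(choices, picks):
    """Bits of entropy when `picks` items are each drawn uniformly from `choices`."""
    return picks * math.log2(choices)


if __name__ == "__main__":
    print(random_password(), f"{entropy_bits(len(ALPHABET), 16):.1f} bits")
    print(random_passphrase(4), f"{entropy_bits(7776, 4):.1f} bits with a 7776-word list")
```

The entropy figure only holds when every word or character is chosen at random by the generator; words picked by a person are far easier to guess than the number suggests.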

2. Use a password manager

The second step in securing our passwords and accounts, related to unique passwords, is using a password manager. Remembering dozens of different passwords can be cumbersome, so it’s worth storing them securely. Password managers come to the rescue by helping us remember and automatically update our passwords in case of suspected leaks. The most popular password manager is KeePassXC, but it lacks synchronization between devices and platforms. You may need to save the password file, for example, on Google Drive and then open it on different platforms. A better solution is Bitwarden, which also comes in a free version.

3. Enable two-factor authentication

The third step in securing our passwords and online accounts is to enable two-factor authentication. Two-factor authentication is an additional level of security that requires not only a password but also another factor, such as a one-time code from an app, fingerprint, facial or voice recognition, or a physical key like YubiKey. Two-factor authentication makes it harder for hackers to access our accounts, even if they have our password, as they also need the second factor, which is more challenging to obtain or counterfeit. Many online services offer the option to enable two-factor authentication, so it’s worth using it if available.

4. Avoid public Wi-Fi

The fourth step in securing our accounts is to avoid public Wi-Fi. Public Wi-Fi networks, available for free in public places such as cafes, hotels, airports, or libraries, can be unsafe as they usually do not provide encrypted internet connections. This means that our data may be intercepted or eavesdropped on by hackers. Therefore, it is advisable not to log in to our accounts or enter any sensitive information when using public Wi-Fi. Instead, it’s better to use our cellular network or a virtual private network (VPN) for a secure and anonymous internet connection.

5. Do not click on suspicious links

Suspicious links are links received in emails, SMS, messages on social media, or other messengers, encouraging us to click on them to access an offer, reward, update, invoice, or other content. However, clicking on such links can be dangerous as they may lead to fake or malicious websites attempting to trick us into providing personal, financial, or login information to our online accounts. Therefore, it’s essential not to click on any links that look suspicious, do not come from trusted sources, or do not fit the context of the message. Instead, it’s better to check the URL of the link and verify the credibility of the website it leads to.

You can check whether a specific website has been classified as a threat on VirusTotal.com.
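Checking the URL of a link means looking at the host the browser would actually connect to, not at the text that appears first. The sketch below is an added example, not part of the original article; the function name, the warning texts and the `example.*` addresses are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit


def inspect_link(url: str, expected_domain: str) -> list:
    """Return warnings for a link that claims to belong to `expected_domain`."""
    parts = urlsplit(url)
    # `hostname` is what the browser connects to: userinfo and port are removed.
    host = (parts.hostname or "").lower().rstrip(".")
    expected = expected_domain.lower()
    warnings = []

    if parts.scheme != "https":
        warnings.append("connection is not https")
    if parts.username is not None:
        warnings.append("userinfo before '@' hides the real host")
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        warnings.append("internationalized name, possible look-alike characters")
    try:
        ipaddress.ip_address(host)
        warnings.append("raw IP address instead of a domain name")
    except ValueError:
        pass  # not an IP literal, which is the normal case
    # The expected name must be the end of the host, on a label boundary.
    if host != expected and not host.endswith("." + expected):
        warnings.append(f"host {host!r} is not {expected!r} or a subdomain of it")
    return warnings


if __name__ == "__main__":
    samples = [  # constructed links using reserved example domains
        "https://accounts.example.com/login",
        "https://example.com@login.example.net/reset",
        "http://example.com.account-check.example.org/",
        "https://192.0.2.10/login",
    ]
    for link in samples:
        print(link, "->", inspect_link(link, "example.com") or "no warnings")
```

An empty result only means the link points at the expected domain over HTTPS; it says nothing about whether that site itself is trustworthy.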

6. Monitor your accounts and report any suspicious activity

The last and crucial step is to monitor our accounts and report any suspicious activity. Monitoring our accounts involves regularly checking our login data, transaction history, security settings, and other information that may indicate that our account has been hacked or compromised. If we notice any unauthorized or unknown activities on our account, such as unfamiliar logins, payments, password or personal information changes, we should immediately change our password. Do not ignore or underestimate any warning signals, as they may lead to more significant losses or damage. An example of a warning signal is an email about a password change that we did not initiate.

You can check if your email has appeared in published data breaches on HaveIBeenPwned.com. If it has, changing your password is essential.
