The Ins & Outs of Cyber Awareness - Part 2. Choosing a Secure Password
The weakest point in your online presence is usually your passwords. They are your protection against fraud and loss of confidential information. With the latest methods of password attacks able to attempt up to 350 billion guesses per second – it’s important you get yours right. We’ve put together a few basic tips on how you can reduce the risk to yourself and your business.
- Make your password as long as possible: Most online websites will require you to choose one with a minimum of 8 characters, however most recommendations are between 12 & 14. The more characters in your password the harder it is to crack.
- Use different characters: include numbers, punctuation marks with a combination of lower and uppercase letters.
- Do not use personal information: Avoid important names, dates, locations (including your username) in your password.
- Avoid words in the dictionary. Hackers can attempt to crack your passwords by automatically trying all the words in the dictionary.
Keeping your password safe
- Make sure your ‘forgot password’ details are up to date: Update your recovery email address regularly. Many websites now provide the option to add a phone number to receive password reset codes via text message. If creating security questions, make your own question if possible; the answer should be something that you cannot guess by scanning information you've posted on blogs or social networking sites (your place of birth for example). If you are asked to choose a question from a list, like the city where you were born, try to find a way to make your answer unique by using some of the tips above. That way even if someone guesses the answer, they won't know how to enter it correctly.
- Beware of social engineering: Do not send any of your passwords by email. Avoid writing your passwords down, and if you do; keep them secure and locked away (Keep it secret, keep it safe!).
- Hyper Text Transfer Protocol Secure aka. HTTPS: When entering passwords online, ensure the site is using a secure HTTPS connection which is usually represented by a green padlock in the address bar. This means that all communications between your browser and the website you are visiting is encrypted. HTTPS is often used to protect personal information via transactions such online banking and online shopping order forms. However - you still need to remain vigilant as anyone can purchase a certificate (as long as they can prove they own a domain). So although your communications with the site are protected, there’s no guarantee this is the case once your personal details reach the other end.
- Use different passwords for every website: If your password does become compromised only one of your accounts will be affected.
- Do not use your password on a public computer: If it’s unavoidable, ensure the ‘remember password’ box is unticked and that you sign out of any website once you’re finished.
& IF ALL ELSE FAILS... MAKE SURE YOU’RE COVERED.
Cyber Insurance - If you are a business consider purchasing it! Whilst this is not a replacement for robust IT security, data protection and a response plan, it can act as a safety net. A comprehensive policy helps protect your organisation from the moment a cyber or data breach occurs.
If you would like any independent insurance advice on the matter or would like to arrange a review of your insurance, please get in touch.
|Torquay: 01803 652000||Exeter: 01392 880000||Holsworthy: 0333 2026502|