Three steps to strengthen your online security

silhouettes-600x328

If you think you’ve heard it all before, please just take a few minutes to review these steps.

There are no guarantees, but three simple steps will greatly improve your odds of not having an online account hacked: increase password strength, update your software and think before you click.  If you think you’ve heard it all before, please just take a few minutes to take these steps.

Password strength

The biggest problem most people have to deal with is passwords.  You may realize using weak passwords is bad, but to understand how serious this is, consider three quick questions:

  1. If you lose an account password, do you have a reset sent to your primary email address?
  2. What would happen if someone got a hold of your email password?
  3. How strong is your email password?

Assuming the first answer is “yes,” you can see where this takes you.  If you’re using a weak password for your primary email account, a lucky guess would give hackers the ability to reset every password to your email and control ALL of your accounts in minutes.  Your primary email account password is your single biggest vulnerability.

LifeHack.com and HowToGeek.com have articles with good password selection advice.  I personally use a combination of the techniques recommended.  However, at last count I have over 200 passwords!  Yes, with online accounts for everything under the sun, enjoying the convenience of the Internet means paying the price of having passwords.  What’s more, using one password for every login is also a common, but very dangerous practice.

I highly recommend using password manager software.  Password managers help you by storing all of your passwords under one master password and making those passwords available to you on every device you have.  Isn’t that like putting all of your eggs in one basket?  Yes indeed, which is why you need to pick out one hellacious master password.  The LifeHack or HowToGeek articles can help you with that.  Use good passwords and try out a password manager—that’s your first step.

Update your software

Every computer, every tablet and every smartphone needs occasional updating with patches which fix vulnerabilities in the software.  A 2014 study by HP noted that over 40% of security breaches they found were from old patches.  Fortunately, for most of us Windows and MacOS are automatically patched at regular intervals via the Internet.

Two things can get in the way: first, you may have an old version of Windows (like Windows XP) which is no longer getting patches and is becoming increasingly dangerous.  Mac users tend to keep up with new operating systems, but they too may be running old software.  Being up to date is very good!  The other potential problem is that you may have somehow turned off automatic updating for your system.  This isn’t likely, but it’s worth checking.

While you’re at it, don’t forget to update the other software you use.  Whether it’s Office software, music software or the dreaded Java update, always approve the update and reboot immediately if needed.  One big caveat as you do this: THINK! That’s the next step.

Think before you click

Using modern computers and tech devices is a lot like driving a vehicle: we tend to go on autopilot a little too much of the time.  It’s very important to pay attention when you’re using your computer or smartphone.

The places where people run the biggest risks are opening emails and visiting websites.  I never, never, never open an email attachment unless I’m expecting it… and neither should you.  Nearly every day I get some piece of spam in my Inbox from someone I’ve never heard of which includes a picture, PDF file or some random “click here” link.  Avoid the temptation to touch these—just delete.  Even if you think you recognize the email, beware.  When I get a message from a bank or financial institution that seems to need attention, I never click links in the email or open attachments.  Instead, I bring up a browser, go directly to their website using my password manager and log in to find out what’s going on.

When you’re surfing the Internet, beware of websites which magically appear out of nowhere or don’t look right.  If you’re going to a new site, make sure the web address is exactly what you’re expecting and keep your eyes open.  If you go to a familiar site that looks different, be sure to check out the web address at the top of the screen. Make sure you’re where you think you are.

And while you’re updating your software in the previous step, be cautious there, too. When you get an update window alert or popup screen, take a careful look at it.  Does this look legit or is it something new?  If it looks OK, examine each successive screen in the update process and avoid hitting the “AGREE” button unless you’re sure about what you are approving.  Some programs you use may require updating Java or Flash Player, but proceed carefully!  Both updaters are notorious for bundling extra toolbars and other crap that only cause you headaches later.  Read carefully and don’t agree to install junk software you don’t need.  The bottom line is, if you’re not sure, try to find someone to ask about it.

That’s a quick introduction to what you can do to protect yourself online, but it’s far from comprehensive.  Start with these three steps, look at some of the links I’ve provided and we’ll take up more in a future article.