Blogs

Strong Passwords and Password Managers

When it comes to strong passwords and password managers, you need both ideally. Strong passwords should be at least 12 characters in length and contain special characters, upper and lower case letters and numbers. They also should not be reused over and over again or even just changed by a couple of characters at the end. Each strong password should be unique.

When managing multiple passwords, it can be difficult to remember all of your necessary login credentials for the various sites you likely often use. To solve this issue, you should consider utilizing a password manager. The password manager should only be accessible to you. This tool is electronic, which means no more sticky notes around your computer screen or stuck under your keyboard, and will help to protect your identity, notify you of potential phishing attempts, save you time when logging in to the multiple software you use daily, function across all your devices and operating systems and alert you when a password has potentially been compromised.

Multifactor authentication (MFA)

MFA is a cybersecurity that requires you to prove your identity when logging into your account. Often you sign in with your username and password and then you are asked to prove your identity via your fingerprint, facial recognition or even by responding to a text message. Other options for MFA include using a PIN, answering a security question, entering a code sent to a phone or email address on file, utilizing another stand-alone app that requires you to approve each attempt at logging in or even a secure token. The most common account types that utilize MFA are financial accounts, email, social media and even online stores. Essentially, MFA adds another layer of security beyond a standard username and password.

Phishing

Phishing is the act of criminals utilizing fake emails, social media posts or direct messaging in the hopes of luring you to click on a bad link or download a malicious attachment. If you do click the link or download the attachment, you could potentially be handing over personal information. Phishing is also used to download malware onto devices. You can combat these schemes by being leery of clicking the links or downloading attachments. Things to look for within these messages could include:

• an offer that’s too good to be true,
• urgent or alarming language,
• poorly crafted with misspellings and bad grammar,
• an ambiguous greeting,
• requesting you send personal information,
• asking you to click unfamiliar hyperlinks,
• an abrupt business request or
• the sending address not matching the company’s email address formatting.

The previous list of items are all examples of things to look for in a phishing attempt. Once you have identified the phishing attempt, your next course of action is to notify your IT department. There is no need to respond to the fraudsters. As an added measure of protection, you can also elect to block the sending address. Also, some email platforms will allow you to report a phishing attempt, and if your email program does allow this, it is recommended you do so promptly.

Software

Software and app developers alike spend their days trying to keep their consumers and products secure. They are looking for ways in which hackers are getting through and developing patches to address those areas. This is where those pesky but oh-so-necessary updates come into play. Installing software updates timely is what keeps your technology and privacy secure. Some practices include setting up automatic updates, only downloading updates from verified sources, remaining vigilant of phishing attempts that look like prompted software updates and setting a schedule to look for updates. All of these will help to keep your system up to date with the best security currently available. 

Security will always be an area of concern, but it doesn’t have to become overwhelming if you implement some best practices for staying up to date. For more information related to the topics covered above or on Cybersecurity Awareness Month in general, click here. And check out our new Cybersecurity Awareness Month Toolkit!