The internet is as useful and intuitive, as it is dangerous. As more and more users come online for the first time each year, it is imperative that awareness is created around important practices that keep users safe.
With more people using services like Instagram, Gmail. Facebook or WhatsApp, hacking of accounts and online identity theft continue to be common cyber-crimes. However, most of these issues can be avoided by following some simple tips. On the occasion of Safer Internet Day today, here are the best practices to keep your accounts safe.
Keep strong passwords
Many people resort to keeping passwords as simple as ‘1234’ or ‘4444’, which beats the whole point of keeping a password. Commonly used words or numbers, especially numbers in order, are the easiest passwords to crack for attackers. Those that connect to personal information like your birthday or dog’s name are also easy to guess and misuse.
An ideal password should be a combination of uppercase and lowercase letters, numbers and wherever applicable, symbols too. These passwords, which are not simple, are the hardest to crack and hence, are known as ‘strong passwords.’ Most social media platforms let you know if your password is strong or weak in real-time when you add a new one. Make sure yours hard to decipher.
Do not repeat passwords across platforms
Another common practice is to make one strong password and then use this across different accounts. This may make it easier to remember the password, but it also makes things much easier for attackers, who now need to guess only one password to hack all your accounts.
Further, not all platforms and websites themselves offer the same level of security. If you use your Gmail password as a password for another, less secure website and the attacker happens to hack you from there, the attacker will now have easy access to your Gmail password as well.
Change passwords regularly
The final rule in the password trilogy states that users keep changing their passwords regularly. A good rule of thumb to follow is to assume that all passwords are vulnerable and it is only a matter of time until an attacker guesses them. Hence, all users should ideally be changing their passwords at least once every few months.
Do not visit websites and links that you don’t trust
Any link that you receive from an unknown source may be lead directly into the playground of an attacker. Always be careful of the websites that you visit and links that you click. Never go to pages you do not trust and do not download files from unofficial sources. Also keep an eye out for tabs that open up in the background.
Beware of third-party applications, and pirated software
Any software that isn’t available directly through the publisher and any app that is not available directly through the Play Store/App Store can be tampered with before it reaches you. This means that sideloading (downloading from third parties stores) apps can be very dangerous for users.
These apps and software may seem harmless and may even work as intended, but their malicious code wreaks havoc on your phone or computer system.
Use two-factor authentication when you can
Two-factor authentication adds a whole extra layer of protection to your social media accounts and other accounts by sending you an OTP (One Time Password) every time you login. This makes sure that it is you logging in and not an attacker. Further, even if the password for the account is leaked, the attacker cannot gain access to your account without the OTP.
Most popular platforms from Google and Facebook to Amazon now implement two-factor authentication and you should enable it at once.
Do not fall for hoax calls
Hoax calls have become a common problem over the last few years where newer users are often targeted. If you receive a call under the guise of a bank accountant, your SIM-card assistant or any such service, never hand over original details like your bank details, email IDs and passwords. Most services like banks will never call to get your credentials to fix something or make you eligible for an offer since the real platforms will already have access to your information.