The US Government has warned of an increased threat of cyberattacks. The Cybersecurity and Infrastructure Security Agency (CISA) has released recommendations to help keep you and your family safe and secure. Here are a few simple steps everyone can take to improve their cyber hygiene and better protect themselves online.
Use Strong Passwords
Having a weak password is like leaving the front door of your house unlocked. According to Hive Systems, an 8-character password with a mix of uppercase and lowercase letters, numbers and special characters can be cracked in just 39 minutes. Whereas it would take 1 billion years to crack a 15-character password containing of uppercase and lowercase letters, numbers and special characters.
It’s good practice to avoid using common words and personal information in your password such as birthdays, special dates and names.
Here are some tips for creating strong passwords:
- Use at least 15 characters
- The password should be unique – never use the same password across multiple accounts
- Create a random password – use a mix of uppercase and lowercase letters, numbers and symbols
Never share your passwords with anyone. Complex passwords are vital to account security but can be rendered useless if they’re not kept secret.
Enable Multifactor Authentication (MFA)
Also known as Two Factor Authentication or 2FA, it is an option to add an extra layer of security to your account.
Examples of what you may be asked for:
- Something you know – password, pin or security questions
- Something you have – mobile authenticators or smart cards
- Something you are – fingerprints, facial recognition or retinal scans
Even if your password is compromised, it can be very difficult to fake the other form of authentication. By enabling MFA, is it much harder for someone to gain unauthorized access to your account.
Do not disclose sensitive information & avoid clicking suspicious links
Emails, text messages and phone calls requesting sensitive information such as passwords or bank information can be attempts to steal your personal information. These phishing schemes can be hard to detect because attackers may pose as legitimate sources such as your bank, your company, or a friend.
Never respond to unsolicited messages asking for sensitive information or click links you are unsure about. When in doubt, contact the organization or individual directly though their official email address or phone number and report attempted phishing attacks.
Operating systems, applications and even web browsers need to be updated to patch the latest vulnerabilities. Bad actors are constantly trying to exploit flaws in systems. When a vulnerability is made known, an opportunity arises for attackers to exploit systems that have not yet been updated.
It’s recommended to turn on automatic updates, if available to ensure your devices and applications are always up to date.