Website hacks and data breaches are constantly in the news these days. While the growing size of these breaches increases the probability that each of us could be affected, we often forget that we haven’t taken simple, everyday precautions. They are the easiest to be lax about – so make an effort to run through this list of tips and see what you can brush up on.
1. Change the default usernames and passwords that come with your devices and software.
Your access points and routers are a good example. They are central to wireless networks and can be easily hacked. A quick online search will reveal their default settings and give cyber criminals a way into your network. And don’t forget any other connected devices at work or at home. As the Internet of Things grows, many devices that you might not expect to be connected to the Internet are actually at risk of being hacked, like Ring doorbells and smart lights. Make sure you’ve changed default credentials for these devices too.
2. Opt-in to multi-factor authentication (MFA) or two-factor authentication (2FA) when it’s offered.
Multi-factor authentication is easier to implement than many people realize. It adds an extra step on top of a username and password. Many services now make MFA mandatory, but in case it’s still opt-in for your hardware, software, or accounts… turn it on! (How does MFA work, and why is it important? Find out more here.)
3. Regularly change your computer password and the passwords to your online accounts.
Has your work computer’s password been “monkey123” for the past five years? It’s time to update it. You should consider enforcing a 90-day rule, which may be irritating, but it is far more secure. Also consider using long passphrases, which are strong and often easier to remember than random strings of letters, numbers, and symbols.
4. Don’t use the same password for all your critical accounts.
Do you use the same password for your personal banking account, your online shopping websites, and your business’s firewall management tool? All it takes is for one leak to jeopardize even more of your sensitive data or the data of your clients. Use separate and appropriately complex passwords for all locations that house critical data. If remembering all of your passwords becomes difficult, consider using a password manager like LastPass.