Marketing Executive @CyStack
As the New Year beckons, people usually get ready by making a list of things they need to work on based on what they have learned in the past year.
The same thing is true for cybersecurity. By building on what has been learned over the past year, we can get better at defending ourselves against new threats.
We have come up with a list of resolutions that don’t require you to join a gym or cut down on sugar (even though you should do it anyway). Our suggestions are some steps you can take to improve your cyber readiness and make your digital life safer.
Avoid Bad Password Habits
Even though new ideas and alternatives have emerged, passwords will be around for a long while. You will need to deal with them in 2023 and many more years. That is why the place to start is to make good use of passwords and stop using common but risky cybersecurity practices.
In 2022, “123456” and “password” are among the most popular passwords in the world. A report from identity company SecureAuth also says that 53% of people say they use the same password for multiple accounts.
They are classic examples of bad password hygiene that can put people’s data and account control in danger. If you are in the same boat, here are some simple things you could do to increase your personal cybersecurity:
Make your password hard to guess
Use long and complex combinations for your passwords. They should be at least 12 characters long and have all four types of characters: uppercase and lowercase letters, numbers, and special characters.
Give each of your online accounts a unique password
You should never use the same passwords to protect sensitive information. Once a hacker manages to get the password of any account of yours, they can use bots to quickly test the same credentials on other websites. Using the same password can make you lose control over all of them at once.
Do not use your own information as a password
Do not use your name, birthday, address, or even the name of a pet as a password.
In this day and age, attackers can effortlessly gather those pieces of information from social networks and data brokers. They can then put them into their cracking tools to churn out combinations, some of which can actually be your real passwords.
Implement Two-factor Authentication Where Possible
Two-factor (or multi-factor) authentication (2FA/MFA) means that the application or service you are logging into double-checks that the request is really coming from you. They do this by confirming your identity with you in a different way, such as with biometrics or secret codes.
2FA is an essential part of modern cybersecurity because it reduces the risks that come with stolen passwords.
If someone has succeeded in hacking, guessing, or phishing the password of a 2FA-enable account, it is no longer enough for them to simply get in. The website will ask for a second factor and render this stolen password useless without it.
Most popular websites, services, and apps support some forms of 2FA. Setting it up is just a one-time step, but it can make your online accounts incredibly harder to hack.
Use A Password Manager
While the two cybersecurity recommendations above are indeed important, it is hard for everybody to adopt them without supporting tools.
Most of us have dozens of accounts to take care of. When each of them has a complex and unique password, it becomes impossible to keep all of them in our memory. Many opt for simple solutions like sticky notes. They have their own risks and can defeat the whole purpose of having strong passwords.
Password managers like Locker are the right solutions for this dilemma.
After you set it up, the app will make strong passwords for any new sites you use and automatically fill them in when needed. This makes it easier to remember a lot of complicated credentials, which is one of the hardest parts of password security.
In some situations, you can even use a password manager to share a login with someone you trust, like a family member, in a safe way. They also give you a safe way to store PINs, credit card numbers, and online banking information.
Most password managers also feature a built-in one-time password generator. It adds another layer of protection to your sensitive data.
Have A Look At Passwordless Authentication
Password managers and traditional forms of two-factor authentication can bring improvements to your personal cybersecurity. But the whole industry has also been working together to make it even easier and safer to use with technology like passwordless authentication.
Passwordless authentication is a way to check a user’s identity without using a password. The principle is simple. There are no passwords, so there is nothing to hack or steal, to begin with.
The most common approaches are to check if they have a secondary device or account or to verify unique biometric traits such as their face or fingerprint.
Passwordless-based authentication isn’t used on many websites right now. But that is likely to change as more websites and developers add to their apps and services.
You can try it now with your Microsoft accounts, for example. The company has begun rolling out passwordless authentication in their services. Apple and Google are other big names who are committed to making this alternative more accessible for their users.
Avoid Oversharing Your Personal Information
You can enable a hacker with your own social media activity. Every post and photo on social media could contain important information that would be useful for social engineering.
For instance, cute pictures of your pets may have the answer to the security questions of your accounts. If you use your birthday in your password, but it is public, you have just made your account much easier to break into.
Hackers can piece together more data and create more sophisticated phishing attempts.
By looking at your social media profiles, they can learn a lot about your interests, job, activities, and other facts. In the same way that marketers make personas for their customers, phishers make detailed profiles of the people they want to target.
They can make a job offer that looks perfectly like what you want but contains malware or a fake login form under the hood. It is also easier for them to pose as you and take over your SIM and your bank account.
Everyone should know the first rule of the internet: once it is there, it stays there. It would be better if we could share information more carefully and wisely.
Set your privacy settings so that as few people as possible can read and see your posts. Think about making one account for people you trust and one for the public.
Keep Your Devices Up To Date
A lot of software runs on computers and mobile devices these days. This includes operating systems like Android and iOS as well as the apps we use to do just about everything, from sending emails to writing notes.
Even the most reliable software from top developers can have vulnerabilities. Most device makers and app developers will keep putting out patches when they are aware of those cybersecurity bugs. They are important because they fix flaws that attackers can use to take over your devices and steal your data.
Many devices and apps can install updates automatically, but sometimes they need a little effort from the user. Keep an eye on new versions of your operating system and apps and install them as soon as they become available to get rid of known vulnerabilities.
Back Up Your Essential Data
Nothing is perfect, including the above cybersecurity practices. Even if you get everything right, your data isn’t entirely safe. Undiscovered vulnerabilities are common in software, and high-profile hacking groups still occasionally break into even the most guarded systems.
To avoid a total disaster, you should make copies of all your important data.
The main purpose is to have a safe place to store your important files, like confidential financial documents or photos of your family. This way, if you lose your data, you can quickly and easily restore it.
Data loss also happens because of other reasons. You could also lose your data if your external hard drive or computer stops working. A proper backup will come to your rescue and minimize the fallout.
Closing Thoughts
Cybersecurity risks can wreak havoc on your personal life or the operation of your business alike. Go through our suggestions to prepare yourself for a new year when cyber threats are about to evolve and increase.
We have to admit that a password manager isn’t something most people can get used to in one sitting. But products like Locker are beginner-friendly and designed to protect even non-tech-savvy people. Give it your top priority so your accounts and data can enjoy world-class protection from 2023 onwards.
Don’t let cyber threats ruin your year – take action now and protect yourself online!