Everyday Cybersecurity: Difference between revisions
From GCA ACT
Revision as of 21:26, 1 September 2023
Use Strong and Unique Passwords
- Create strong, complex passwords that include a combination of letters (both uppercase and lowercase), numbers, and special characters.
- Avoid using easily guessable information like personal names, birthdays, or common words.
- Use a different password for each online account to prevent a single breach from compromising multiple accounts.
- Consider using a reputable password manager to generate, store, and autofill complex passwords securely.
- If you have a significant number of passwords to remember, consider using a password manager tool.
Enable Two-Factor Authentication (2FA)
- Whenever possible, enable 2FA for your online accounts. This adds an extra layer of security by requiring you to provide a second authentication factor, such as a one-time code sent to your mobile device or email, in addition to your password.
- Use app-based 2FA methods (e.g., Google or Microsoft Authenticator) rather than SMS-based methods, as SMS-based 2FA can be vulnerable to SIM swapping attacks.
- For your most sensitive accounts (payment services, financial institutions, medical providers, healthcare insurance, etc.), consider using biometric authentication devices.
- For less sensitive but still important accounts (utilities, telephone services, cable or internet services, etc.) that do not support 2FA, consider asking your service provider to set a security word, a security question and answer, or a passphrase that isn't easy for others to guess.
Be Cautious with Personal Information
- Be mindful of the information you share online, especially on social media.
- Avoid posting sensitive personal details such as your full address, phone number, or financial information.
- Be skeptical of unsolicited emails, messages, or requests for personal information.
- Phishing attacks often use social engineering to trick users into revealing sensitive data.
- Regularly review the privacy settings of your social media accounts and limit the amount of personal information that is publicly visible.
Additional tips for online safety
- Keep your software and devices up to date with the latest security patches.
- Use reputable antivirus and anti-malware software.
- Be cautious when downloading files or clicking on links from unknown sources.
- Educate yourself about common online threats and scams to better recognize and avoid them.
- Consider using reputable Virtual Private Network (VPN) software to keep prying eyes from monitoring your online activities.
- Be wary of browser extensions or plugins: only use them when they are provided by reputable organizations, and consider isolating them to a specific browser profile to limit what a malicious browser extension can access.