14 digital security tips for World Password Day

 May 3 is World Password Day. Check out these 14 tips to keep your digital accounts safe from intrusion.

1. Two-factor authentication

Consider activating two-factor or multi-factor authentication, a feature that adds an extra step, such as putting in a number sent to your phone, to login.

2. Don’t save passwords on public computers

Don’t activate any “remember my password” features on a computer that isn’t yours.

3. Be careful answering security questions

Answers to common security questions, such as your mom’s maiden name or the street you grew up on, can often be found on social media. Consider this when choosing questions and how you answer them.

4. Change your password often

You might not know if your password has been compromised, so change it often.

5. Use a USB token

Services such as Google, Facebook and Dropbox support the use of a USB key that you plug in to your computer before typing in your password as a form of two factor-authentication. This means that you have to be physically present for your password to work, making it harder to break into your account.

6. Change your router’s administrator password

In addition to the password that your WiFi network requires to use it, it also has an administrator login to manage the network. Many routers default to simple logins such as “admin” for the login name and “password” for the password. Make sure to changes these, so anyone who is able to get on your network isn’t able to change things.

7. Create a random password using dice

Using a process called dice ware, you can create a completely random password. There are numerous diceware word lists available. you simple roll dice, find the corresponding word in the list, and repeat until you have a sequence of a few words.

8. Keep password notes in your wallet

If you need to write down your password to remember it, keep it on your person, in your wallet or purse, instead of at your desk. Then, if you don’t know where your wallet is, change your password.

9. Keep your computer clean of malware

No matter how strong your passwords are, malware can still watch you type it in. Anti-malware software can detect and remove keylogging software.

10. Have a tip sheet

Writing down your password can be risky if not done carefully, but writing down a clue to help you remember your password, without revealing to others what it actually is, is a bit safer.

11. Use a password manager

Password management software stores all of your various passwords safely, allowing you to access them with just one master password. Just make sure the master password is very strong, and changed often.

12. Use a phrase

The National Institute of Standards and Technology recommends using a phrase with multiple words. If it is something you have a strong mental association with, it will be easy to remember while still being fairly difficult to guess.

13. Don’t give out your password

Password strength means nothing if someone tricks you into revealing your login info. Be wary of anyone asking for your login info, and make sure the page you are logging into is legitimate.

14. Consider avoiding common words

Many hackers automatically attempt to guess passwords using long dictionary lists of words. Using a single common word, name or consecutive keyboard combinations such as “qwerty” leave you more open to these types of attacks, according to McAfee.

Comments

Post a Comment

Popular posts from this blog

St. Jude Medical Recalls 465,000 Pacemakers Over Security Vulnerabilities

Image
Pacemaker Patients Must Visit Healthcare Provider for Firmware Update That Addresses Security Vulnerabilities A firmware update to address security vulnerabilities has been approved and is now available for radio frequency (RF)-enabled St. Jude Medical (now Abbott) implantable pacemakers, the U.S. Food and Drug Administration (FDA) announced this week. Vulnerabilities in St. Jude Medical's devices were made public last year by MedSec and Muddy Waters, as investment strategy to short sell shares of St. Jude's stock. The report claimed that attackers could, among other things, crash implantable cardiac devices and drain their battery at a fast rate. St. Jude rushed to refute the allegations and even sued the two companies , while University of Michigan researchers analyzed the MedSec/Muddy Waters report and discovered that their proof-of-concept (PoC) exploit did not actually crash the implanted cardiac device. Muddy Waters and MedSec responded to t
Read more

Ethereum cryptocurrency wallets raided after Amazon’s internet domain service hijacked

Image
Approximately US $150,000 worth of Ethereum-based cryptocurrency stolen. Online cryptocurrency website MyEtherWallet.com has confirmed that for a period of time yesterday some visitors could have been redirected to a phishing site designed to steal users’ credentials and – ultimately – empty their cryptocurrency wallets. According to reports , whoever was behind the attack may have successfully stolen approximately US $152,000 worth of Ethereum-based cryptocurrency.  However, assuming that MyEtherWallet itself was at fault may be a mistake, as the website explained in its statement: “This is not due to a lack of security on the [MyEtherWallet] platform. It is due to hackers finding vulnerabilities in public facing DNS servers.” This explanation is confirmed by British security researcher Kevin Beaumont, who described in a blog post that some of MyEtherWallet’s traffic had been redirected to a server based in Russia after traffic intended for Amazon’s DNS resolvers
Read more

Facebook is using billions of Instagram images to train AI algorithms

Image
  Your Instagram photo of a perfectly composed plate of pancakes or an exquisitely framed sunset is helping Facebook train its artificial intelligence algorithms to better understand objects in images, the company announced today at its annual F8 developer conference. Facebook says the approach, which culls images from publicly available hashtags, is a way to amass and train software with billions of images without the need for human workers to laboriously analyze the data and annotate it. The end result is a training system that created algorithms Facebook says beat top-of-the-line industry benchmarks.  “We rely almost entirely on hand-curated, human-labeled data sets. If a person hasn’t spend the time to label something specific in an image, even the most advanced computer vision systems won’t be able to identity it,” Mike Schroepfer, Facebook’s chief technology officer, said onstage at F8. But using Instagram images that are already labeled by way of hashtags, Facebook was ab
Read more