Niklaus Gerber

September 20, 2022

How to keep your digital self safe

A short and actionable guide on how to stay safe online.



The idea behind Better Human is to help you become an improved version of yourself. Many of us spend a lot of time online and use various digital services. Unfortunately, many people do not understand how to keep themselves safe. This article will cover the essential things you should implement today if you haven't yet. It is not for tech experts or people who need a higher level of security or privacy online. It is for everyone who uses digital services and products.

Make sure you are using strong and unique passwords.

Unfortunately, most services and apps will use passwords to protect your data. Cybercriminals' methods have been refined over the last ten years, and we must rethink how we pick passwords. Complexity does not necessarily make a password more robust, but length does. So the password goal-blue-hello-mug-sheep-tiger-shrimp-unicorn-taco-party will be harder to break than %sk!d/@3df. It is also way easier to type. Short passwords are relatively easy to break, so the idea is to create longer ones for added security and make them less predictable. A good rule of thumb is:

  • Your password should be at least 20 characters long.
  • The password must be entirely random to harden it against modern attack methods.
  • Never use a password or a variation of that password more than once. So don't use MY-SECRET-PASSWORD-google for your Google login and MY-SECRET-PASSWORD-signal for your Signal login. If hackers get their hands on one, they will guess the others.
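
The rule of thumb above can be checked mechanically. The following Python script is an added example, not part of the original article: it generates random passwords and audits a set of logins for passwords that are too short, reused, or variations of each other. The function names, the 8-character threshold for a "variation" and the sample vault are assumptions made for this illustration.

```python
import secrets
import string
from difflib import SequenceMatcher
from itertools import combinations

MIN_LENGTH = 20   # the article's rule of thumb
STEM_LIMIT = 8    # assumption: a shared run this long counts as a variation
ALPHABET = string.ascii_letters + string.digits + string.punctuation

def generate_password(length=40):
    """Random password drawn from the operating system's CSPRNG."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def shared_stem(a, b):
    """Length of the longest run of characters two passwords share."""
    matcher = SequenceMatcher(None, a, b, autojunk=False)
    return matcher.find_longest_match(0, len(a), 0, len(b)).size

def audit(vault):
    """Return (services, problem) findings for a {service: password} dict."""
    findings = [(name, "too short") for name, pw in vault.items()
                if len(pw) < MIN_LENGTH]
    for (s1, p1), (s2, p2) in combinations(vault.items(), 2):
        if p1 == p2:
            findings.append((f"{s1}+{s2}", "reused"))
        elif shared_stem(p1, p2) >= STEM_LIMIT:
            findings.append((f"{s1}+{s2}", "variation"))
    return findings

# Constructed sample vault built from the article's own example passwords.
SAMPLE_VAULT = {
    "google": "MY-SECRET-PASSWORD-google",
    "signal": "MY-SECRET-PASSWORD-signal",
    "forum": "%sk!d/@3df",
    "shop": "goal-blue-hello-mug-sheep-tiger-shrimp-unicorn-taco-party",
    "bank": generate_password(),
}

if __name__ == "__main__":
    for services, problem in audit(SAMPLE_VAULT):
        print(f"{services}: {problem}")
```

Length and reuse can be checked from the stored strings, but randomness cannot: whether a password is random depends on how it was generated, which is why the generator uses the secrets module.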

Use a password manager.

I currently have over 900 passwords to log in to various services. There are no duplicates, and each password is between 40 and 100 characters long unless the login service does not support that many characters. I do not know a single one of these passwords. So how do you go about managing that many passwords? You do need a password manager. 

A password manager is software that helps you generate random passwords and stores them for you. You will need one master key to access your password manager. This is the only password I know by heart, and yes, it is also longer than 20 characters. The program will then fill in these passwords automatically.

There are many different options. If you are using iOS, then iCloud Keychain is a great option. I am advocating for using 1Password. But if you are looking for a free alternative, you could also try Firefox Lockwise. The most important thing about choosing a password manager is to go with a company you can trust. If someone gained access to your password manager, they would gain access to all your passwords. But many IT professionals agree that the benefit of a password manager far outweighs this risk.

Two-Factor Authentication; always

Two-factor authentication (also known as two-factor auth or 2FA) is an additional security layer used to keep accounts secure and ensure that people cannot access online accounts that don't belong to them. 

You might already know from your online banking that you must type in a randomly generated number after using your username and password. Some banks send you an SMS, and others give you a dedicated hardware token or an app. Unfortunately, many people do not know that you can add this additional security layer to many web services. Even if someone knew your username and password, they still could not log in without the randomly generated 2FA code. And to get that code, the attacker would need access to your own physical device.

If you are using 1Password, the feature is built-in. Otherwise, I can highly recommend Authy. Some services also offer SMS as a 2FA option. But SMS does not provide the level of security a software-based solution would give you. Setting up 2FA will take some time for all the services you might use. But please do it now, especially for important accounts like your iPhone, email or cloud data. This list will get you started: https://2fa.directory.

TL;DR

So this is it. Get a password manager and generate lengthy, robust, secure and unique passwords for every login. Activate 2FA for any service that offers it. These are two simple things that will have a huge impact on keeping your accounts safe. If you have not implemented these two things in your life, I recommend prioritising doing so this week.
