As another round of celebrity nude images are leaked onto the internet, violating the privacy of a number of stars, it has become increasingly apparent that digital security should become a required part of modern education.
Lax security and passwords is no reason that anyone’s private images and videos should be leaked to the public, and the hacker(s) involved should face criminal prosecution for their actions. However, with a better understanding of the digital tools we use in our daily lives, such leaks should become rarer if not a thing of the past.
We are all guilty of re-using the same password for multiple services and devices because it is easy to remember, but as hackers become ever more sophisticated, we should all take stock and have a security audit if we want to keep our personal information safe.
Make passwords hard to crack
In general, the longer the password the better it is for your security, so try to make sure to have passwords that are at least 16 characters in length. And the more variation the better, so while a password of four dictionary words would be good, adding a few numbers and other characters in there will add to the difficulty factor for those trying to break in.
Amazingly, the most common passwords used by people today are mostly the same as those for the last twenty years, with many shorter than six characters. If you are still using 123456 as your password for anything – stop it now.
Don’t re-use passwords
Many people, including this author, have had their email, Facebook, Twitter, or other accounts hacked because they re-used the same password on multiple services. While that password may be secure, if any of these services get hacked then both your email address and password are available to hackers around the world to try against every other service they can think might be useful.
Huge hacks of account details from the likes of Yahoo and Adobe, along with thousands of other smaller hacks, means millions of people’s usernames and passwords, probably including yours, are online already. If you use a unique password for each service, if one of them is hacked, it does not provide a wider security threat to your digital life.
Use a password manager
Trying to remember unique passwords of 16+ characters for the dozens of web services we use every day is a very difficult task, but luckily there is a solution to that problem – password managers. These tools work across multiple devices, so you can have it installed on your laptop, phone, iPad, and more, and mean that you only have to remember one very secure password and it will do the rest.
Password managers also include password generators, that will create unique and random strings of letters, numbers, and characters, to use as passwords for different sites, which should be very hard for hackers to crack. Many security and antivirus suites now come with password managers included, but if you would like a specialised service take a look at LastPass, Dashlane, and KeePass.
Don’t open attachments or click links from strangers in emails or on social media
Most people know not to open suspicious looking attachments in emails, but as many of us now receive much of our digital communications via other means such as Facebook, WhatsApp, or Snapchat that means being just as security conscious on these services.
It is not just attachments that can cause problems either, as it is possible for attackers to embed malware in webpages. So it is best to make sure you trust the sender and website you are visiting before clicking through.
Some hackers use link shortening services in an attempt to hide the offending URL, but many link shorteners offer a service that lets you see the full URL before accessing by adding a plus sign “+” after the shortened URL. For example http://bit.ly/1f123tg will take you directly to the Descrier’s homepage, while http://bit.ly/1f123tg+ will take you to a Bitly page with more information on the link and the full URL.
Two-factor authentication
While long unique passwords can provide good security, having two methods of authentication that need to be used simultaneously is much more secure. Many services including GMail and recently HMRC have introduced two-factor authentication login options – where to login you need to add your password and then are sent a text with an access code to your mobile phone to make sure its you.
Phishing: Only login to web services for which you have typed in the URL
Many hackers send out phishing emails that look like they come from your bank, PayPal, Facebook, Google, and other web services. These emails often look just like the real ones, with the right logos, images, and formatting, but the login link will be to a fake site that will steal your username and password when you type them in.
It can be very hard to distinguish between these emails (and the fake sites they link to) and the real thing, so the best option is to never click a link to service that asks for you to login from an email, text, or social media message. Instead, always type the web address of that service directly into your browser and login there, safe in the knowledge that your details are not being monitored.
Photograph by Pixelcreatures