Your ransomware profile: passwords, profiles and protection
If your computer password contains the name of your dog, your favorite vacation spot, and an easy-to-remember numerical sequence, then you are breaking some basic rules of password safety. Even though “BusterBermuda789” might seem impenetrable to you, this is a password security experts say is vulnerable.
Here are five things to know about passwords:
- A long, strong password goes a long way in helping prevent hacking.
- Every account should have a different password.
- A hacker’s password-cracking software can easily expose any password composed of an actual word or proper name, or keyboard sequences. (i.e. Mike123)
- Passwords should be a jumbled mix of upper and lower case letters, numbers and characters.
- A password manager tool will make all of this easy for you. Here is one of password manager tool that can help you get started creating stronger passwords.
Need to Know: Four data protection tips
- Look out for suspicious emails: Hackers send out phishing emails to trick recipients into clicking a link or attachment that downloads a virus. Or, the link may take them to a website that tricks them into typing out login information. Fraudulent e-mails that look as if they could be from your bank, employer, medical plan carrier, the IRS, UPS, etc. But these will typically ask you do things the IRS and your bank would not. It’s unlikely that your bank lost your account information, and now needs it urgently. Also ignore any email claiming you won a prize, or inherited money. Make sure not to click on any attachments in an email. Attachments are a common way that cybercriminals spread ransomware.
- Use 2FA when available. Always choose 2FA – two-factor authentication – option whenever it’s available. Two-factor authentication is when a login attempt to an account prompts a text known as a One-Time Password (OTP) or voice-call to your phone with a unique numerical code that you can enter in a login field. Sign up for it if your account offers it. Yes, hackers have been known to lure users into texting them that special code. Always be suspect of any requests for your OTP.
- Protect online profiles. Many hackers get personal information from social media and then use those data pieces to figure out user names and your answers to security questions on your various accounts. Think about it: Do you really need to post the names of all your kids and pets, your wedding anniversary date (which you then might use in a password combination) and tell everyone where you work? It might be time to consider more carefully what you make public. And always make sure your settings are kept private, not public.
- Web and Wi-Fi safety. Consider multiple email addresses – not just multiple passwords – to distinguish from business and social contacts. Avoid Wi-Fi at hotels, coffee shops, etc. These are prevalent and convenient, yes, but extremely vulnerable. Never conduct financial transactions on public Wi-Fi. Use a VPN to secure Wi-Fi in remote locations. Your home network should use WPA-2 and not WEP connection. Ignore pop-ups.
A new level of awareness is needed as computer users navigate their professional and personal lives, and realize they are vulnerable – and their data is at risk – every time they log on to a system. Keep simple tips like this close by in order to avoid ransomware and other cyber threats.
Robert is a security analyst, author and media personality who specializes in personal security and identity theft and appears regularly on Good Morning America, ABC News and The TODAY Show.