Lisa Aberle, clarkhoward.com
Hey, do you mind if I try to guess one of your passwords? No? Okay, how about “123456” or “password”? Maybe “Max123” or “Bella2011”?
Although I hope no readers are using any of these passwords currently, “123456” and “password” are among the most common passwords chosen. And “Max” and “Bella”? Those are some of the most popular pet names; and since pet names are commonly used too — Well …
I am no hacker, and I spend very little time thinking about hackers. I wouldn’t hack into someone else’s information, so why would anyone think about hacking into my information?
It happens. Every day, it happens to ordinary citizens. Tomorrow it may be you or me. Are we being as smart as possible online to protect our financial information?
While these tips will not always refer specifically to keeping your financial information safe, I want you to consider something: The more information hackers can learn about you, the more they can guess. If you act carelessly with your Facebook account, you could be indirectly compromising your sensitive information, which could possibly include your banking relationships.
Basic street smarts in cyberspace
In real life, most of us shy away from rough neighborhoods. We lock our cars and install security systems in our houses. But we’re strangely lax when we’re online.
Let’s review a few basic guidelines.
- Use a security code for your smartphone or tablet and a password for your computer.
- Don’t send personal or financial information via email.
- Don’t click on links you didn’t expect in pop-up windows or what could be phishing emails.
- Don’t share your password or username.
- Keep current with the latest software updates, which are often released to patch security holes.
1. Pay attention to your passwords
Now that we have the basics out of the way, let’s talk about passwords. If you are using “123456” as a password, it’s got to go now! A few years ago, I naively contributed to its popularity too (oops!). Then I found a statistic somewhere that said up to 50 percent of Internet users use “123456” for their pass phrase, so I changed it to something with words and one number. To help me remember, I also used that password for almost all of my online surfing. Not much better. I can’t find that statistic today, but I mention it because it did cause me to change what I was doing.
Here’s how to make your passwords tough to crack:
- Do not use the same password for multiple sites or logins.
- Do not use your name or other commonly known information or anything else that could be easily guessed or researched. This could include names of family members or pets. How could hackers find out that information? More on that in a minute.
- Use combinations of upper- and lower-case letters, along with numbers and special characters if allowed.
- Make the password as long as possible. Hackers use programs to guess your password, so longer passwords take longer to guess. Make them tired so they move on to someone else.
We violate the above rules for good reason: it’s hard to remember one password, let alone many complicated passwords, isn’t it? While you can allow your browser to store your logins to websites, this isn’t the most secure option either. If your computer is hacked, those passwords may also be accessed.
There is another solution. Password managers encrypt your password database and create random passwords. Everything is hidden behind a master password that you must key in and the master password is not stored on the password manager company’s servers. Examples of these password managers include LastPass, KeePass, and 1Password — and there are others.
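The rules listed above can be turned into a quick self-check. The following is an added example, not part of the original article: it flags common passwords, personal words, short length and too few character types, estimates how long a guessing program would need to try every combination, and generates the kind of random string a password manager would create. The tiny common-password list, the 12-character minimum and the guessing speed are assumptions chosen for illustration.

```python
import secrets
import string

# Constructed stand-in for a real common-password list.
COMMON = {"123456", "password", "qwerty", "letmein"}
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def check_password(pw, personal_words=(), min_length=12, guesses_per_sec=1e10):
    """Return (problems, seconds needed to try every password of this shape).

    min_length and guesses_per_sec are assumptions, not figures from the article.
    """
    problems = []
    if pw.lower() in COMMON:
        problems.append("common password")
    for word in personal_words:
        # "Max123" or "Bella2011" is still the pet's name plus a guessable suffix.
        if len(word) >= 3 and word.lower() in pw.lower():
            problems.append(f"contains personal word: {word}")
    if len(pw) < min_length:
        problems.append(f"shorter than {min_length} characters")
    used = [c for c in CLASSES if any(ch in c for ch in pw)]
    if len(used) < 3:
        problems.append("fewer than 3 character classes")
    # Brute-force space: (symbols available) ** length. This is an upper bound;
    # a dictionary attack finds common or personal passwords far sooner.
    pool = sum(len(c) for c in used) or 1
    seconds = pool ** len(pw) / guesses_per_sec
    return problems, seconds

def random_secret(length=20):
    """Random password or security-question answer, for storage in a password manager."""
    alphabet = "".join(CLASSES)
    return "".join(secrets.choice(alphabet) for _ in range(length))

if __name__ == "__main__":
    for pw in ("123456", "Bella2011", random_secret()):
        problems, seconds = check_password(pw, personal_words=["Max", "Bella"])
        print(f"{pw!r}: {seconds / 86400:.3g} days to exhaust; {problems or 'no problems'}")
```

Run it only on your own machine with your own candidate passwords; the time estimate assumes the attacker has no hints, which is why the list of problems matters more than the number.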
2. Keep your information private when using public Wi-Fi
I wonder how much of your private information has been viewed while you’re sipping your latte at Starbucks. That brings a whole new meaning to the term “Latte Factor®,” right?
- First, if possible, avoid visiting any websites that are sensitive until you are at home on a more private Internet connection.
- When using public Wi-Fi, specify the connection as a public connection so your computer doesn’t share information. (If you specify a private connection, your computer may become discoverable and accessible.)
- Don’t allow file- or printer-sharing. Also turn off network discovery or Bluetooth capability for devices to keep your files safer. (For PCs, turning off Bluetooth and network discovery is done through the Network and Internet portion of the Control Panel.)
- Also, make sure your firewall is on. (This is checked under System and Security under the Control Panel for PCs.)
- To be extra safe, you can use a virtual private network (VPN) to increase the privacy and security of your computer’s Internet connection.
3. Surf safely
After all your precautions, you want to be able to visit websites safely too. First of all, don’t store your credit card details on websites. And when you visit websites, make sure to look at the browser’s address bar. You want to see “https” instead of “http,” especially if you are purchasing something or sharing information.
You’ll definitely see “https” when you’re doing online banking. If you want to log in to your online savings account, for example, you should make sure that you’re actually logging in to a secure site. If you verify that “https” appears in your browser bar whenever you log in, you can feel confident that you’re not landing on a fake banking page, as long as the domain name in the address bar is also exactly your bank’s, since a fake page can use “https” too.
4. Be smart with social media
Haven’t we all rolled our eyes when a friend shares too much on Facebook? Well, everyone should know that oversharing on social media has more sinister side effects too. You really don’t know who is watching. If you would shred the paper version, don’t post the electronic version, you know?
- Don’t accept social media invites from people you don’t know.
- Don’t participate in any of the “10 Things You Don’t Know About Me” posts either. Why? Some of the answers are answers to security questions that are supposed to secure your financial accounts.
- Periodically check your security settings on social media and tweak them if necessary.
- Social media scams exist and try to get you to click on URLs that install malware or take you to phishing sites as well. You don’t have to eliminate social media from your life, but maybe don’t be so click-happy.
- Customize your posts to control what is seen. Never share pictures of your paycheck or driver’s license, for example.
- Turn off geo-tagging on Facebook so your posts don’t reveal when you will be home or when you won’t be home, or turn off social geo-tagging altogether.
5. Keep your email secure
Even if your email account hasn’t been hacked, I’m guessing you have received emails from a friend’s account that has been hacked. Try these tips to keep your information safe (and your friends’ inboxes safe too).
- Consider using more than one email account. Share one with your family and friends, use one for online shopping and newsletter sign-ups, and another one for sensitive information, such as retirement accounts or credit card accounts. Why a separate one for online shopping or newsletter sign-ups? Your information is bound to be sold at some point, so why not have a junk email address to give away?
- You may want to change your email address from time to time, or if it has been compromised.
- Change your email password periodically.
- Use an email service that offers two-factor authentication. An example of two-factor authentication is: If you are logging in to your Gmail account on a computer that you have never used before, a 4-digit PIN is sent to your phone that you have to input after you have put in your actual password.
- This seems counter-intuitive, but don’t unsubscribe from newsletters to which you have never subscribed. Sneaky people blast unsuspecting email users and, by unsubscribing from these newsletters, you’ll actually get more spam. Instead, use the report-spam feature of your email provider if there is one. (Personal note: I used to just delete suspicious emails, but I have an itchy report-spam finger now.)
- Signs of phishing: misspelling, suspicious links, asking for personal information or suggesting you give out your personal information (as in, they need your login information because something has changed).
- Security questions deserve special attention. When I worked at a bank years ago, one of our customers had his mother’s maiden name printed on his checks. That’s making it way too easy for someone to answer your security questions and reset your passwords. You don’t want that.
So make it as hard as you possibly can.
- Answer the security questions incorrectly.
- Or better yet, create some randomized set of numbers, letters, and special characters.
- Whatever you do, do not answer the question with something you just posted on Facebook.
Your online information is like a puzzle. Facebook is one piece. Your email account is another. If you make it too easy to put some of the pieces together, hackers can start to see the whole picture of your life, including your financial accounts.
Yes, you need to be careful online. No, you don’t need to go analog in a digital world. But you do need to be very careful. Start by evaluating these five areas of your digital life and fill in the gaps where needed. Once you have made some improvements with these areas, there is more to learn, including more about how to increase the security of your home Internet connection.