Andrew works in information security and he helped me make sure my blog and all parts of my life in general were more safe. I really wanted to share it with all of you guys so he helped me put this post together with his knowledge of internet security and some of our experiences.
Over the past year, there have been a lot of online security incidents involving stolen passwords, credit card information, as well as leaked private pictures. Being that October is National Security Awareness Month, I figured I would share some tips I use to keep my online accounts as secure as possible.
5 Important Tips for Improving your Online Security
1. Never use the same password on multiple websites
If you’re like me, you have probably over 100 accounts online. It can be extremely difficult to memorize all those different passwords. The problem here is people may use the same password across multiple websites. I was beyond guilty of this. When Andrew found out, after laughing for a solid 5 minutes he insisted I changed everything. If one of those websites have a security breach, a hacker can have your password to all your websites.
There are Password Managers available for free that let you safely store all your passwords. This way you can create unique passwords for each website you have an account on. If one website is compromised, your other accounts are still safe. I personally use LastPass for storing all my passwords. IT IS AMAZING! It allows you to generate random passwords so they are strong and you don’t have to worry about coming up with a new password each time. LastPass also has browser plug-ins and mobile apps so I can access my passwords anywhere I go. The app on my phone is great! Password managers have a master password that securely encrypt all your account passwords. You only have to remember one password from here on out! You can also store credit card information, secure notes etc. Plus you can see your security score. We may have a slight competition about how secure we are on lastpass. NERD ALERT!
2. Use a strong password
My next tip is to always use a strong password. When websites say your password must be between 8 and 32 characters, use a random password generator and generate the most complex 32 character long password you can. Always use a combination of upper and lower case characters, numbers, and symbols if allowed. Memorizing these long random passwords makes a Password Manager come in very handy! I was a total 8 character person for the longest time. One of my passwords can be 70 characters and you better believe it is. HINT paypal.
3. Use two-factor authentication
Two-factor authentication is a security feature that has been around for a few years, yet still isn’t widely used. This security feature requires you to have something you know, like your password, and have something that only you would have, like your cell phone. Websites like Gmail, Facebook, Twitter, and PayPal have this security feature. This is hugely important to us bloggers who need these websites for our daily lives to function correctly. Getting locked out of twitter? NO THANKS! When you attempt to login, the website will send your phone a random code that is required before you can fully sign in. This will happen whenever the website detects you logging in from a new device. It really makes me feel safe, because even if someone stole my password, they would also have to have my cell phone to get the code. By the way, you can have backup phone numbers entered in case you ever lost your phone. I have Andrew’s phone number and my mom’s as mine.
Apple offers two-factor authentication, although, most don’t use it. All those leaked celebrity pictures in the recent news could have probably been avoided if they just had two-factor authentication enabled. A great list of all the websites that support this feature can be found at: https://twofactorauth.org/
Also don’t post naked pictures of yourself….just a thought.
4. HTTPS vs HTTP
Whenever you are entering in sensitive information online (passwords, credit card numbers, etc…), make sure the web address at the top of the browser starts with “https://” and not just “http://”. The “S” stands for secure, which means the website you are connected to is sending your information securely and encrypted. This is really important, especially if you’re ever using public wireless like at a hotel or Starbucks. If the website isn’t using https, someone could be sitting near you and reading everything you type. It’s pretty scary to think about it! I am on the go so much with blog conferences, trips, and working from various locations that it wasn’t even something I thought about it. Then I wanted to curl up into a ball and cry. It’s OK though 🙂
5. Help protect yourself against identity theft
Checking your credit report often is really important. I check mine and have found a few errors on it. You can dispute the mistake and work work the credit bureau to correct it.
You are allowed to check your credit report once a year from each of the three credit bureaus. What I do is view one of the three credit reports every four months so I can always stay on top of them. The only truly free and trusted website to get your credit reports is at https://www.annualcreditreport.com/. This is backed by the Government and does not charge you any hidden fees, unlike some of those commercials you may see for other websites.
Credit Karma (operated by TransUnion) and Credit Sesame (operated by Experian) are also great free resources you can use to check your actual credit score. These websites can also inform you of any suspicious activity showing up on your credit report. It’s better to find out as soon as possible and fix the issue before you need to use your credit and find out it’s ruined by a simple mistake. They both have mobile apps, so I tend to check my credit score often and it sort of becomes addicting to see how high I can get it!
Lastly, we all get those annoying credit card offers in the mail all the time. Did you know that people actually go dumpster diving and try to find those and fill them out to steal your identity?? It’s important to always shred mail that is has any banking information or is an offer to open an account. Even better, you can actually opt-out of receiving these! The FTC has a website available to do so at: https://www.optoutprescreen.com/
Do you feel secure in your online presence? What changes will you be making?
What great info!! I feel like Andrew would laugh at me too because I am very guilty of using the same password across the board. I need to look into LastPass ASAP!!
Great things to know, thanks!
I’m so guilty of using the same password over and over and . . . I really need to look into that password keeper.
I knew about the https when using a credit card, etc. and requesting my credit info for free once a year, but that’s about all I knew. 🙂
Andrew would double over laughing at my password, too, but thanks for the great tips!!
Great information! I really need to start changing some of my passwords. I have the 1Password program on my computer and I don’t know why I just use it more!
I totally used to be that person using the really basic password–I’ve really, really tried to get better over the years, but there’s always room for improvement. I didn’t know the difference between the http and the https: you’ve taught me something today! 🙂 Great tips!
This is great information. There was a security breach at the local hospital here, so I’ve been trying to be even more diligent about passwords and security. It’s scary to think that someone can have access to all your information, just because you got a cold and needed to see a doctor. Thankfully, the hospital had to provide everyone with a year of identity theft protection and credit monitoring. That lessens my worries a bit, but I feel like you can never be too careful.
Great tips, some of these things I haven’t even thought about. Thank you for sharing!
What a great post – thank you for sharing. I have a terrible time with passswords, so this was VERY helpful!
Good information. I didn’t know about the dual protection with the cell phone code. That would explain the notice I received when I logged into my husband’s computer. It must be set up but I’ll check. I also saw something recently about changing passwords most often on bank accounts, less often on other websites that you might be using. Great information.
I am so guilty of this. Thanks for the tips. I will be checking out LastPass…
The Accidental Mama
Yes! All of these things are SO important! I love 2 factor authorization on my gmail:)
Thank you so much for sharing these tips. I will be using them to make my electronic life more secure.
Thank you for this!!
These are some great tips. I don’t know who would want to steal MY identity. They could only make my credit better. But I still worry about bank account takeovers. That would be the worst thing EVER.
What company does Andrew work for? My hubby specializes in data security and his company is based in Dallas. It is freaky how insecure websites can be.
One of the simplest ways to stay secure online is to use effective passwords and keep changing them yet often we forget to do it. This is a great reminder.
These are all great tips. I will have to read some of the links that you included.
Very helpful post! I’m so guilty to be a one password person! I have to work on that and change all my passwords 😛
Thank you for sharing!!
Excellent tips! So glad you posted this, thanks 🙂
Great tips! I really appreciate knowing this. Pinned.
Excellent information. Thanks for sharing these very important internet safety tips. I am definitely taking note. 🙂
I have many very weird and wonderful passwords. I keep them on a little piece of paper tucked into my wallet with a code name beside each. I just downloaded LastPass per your instructions and it makes me feel so much more secure. Thank you. Now where do I tuck that very L O N G master password I need to remember?
Hi, visiting you via the SITS girls. Thank you so much for the tips, it is a scary world we live in!
Thank you. Great advice 🙂