October is National Cybersecurity Awareness Month.
In order to stay safe online, follow these steps to help provide an extra level of security:
1. Try 2FA Wherever You Can
2FA is short for two-factor authentication, also known as two-step verification or 2SV.
Typically, 2FA works by asking you for your regular password, which is the same every time, and then asking you for a one-time code that is calculated by, or sent as a text message to, your phone. In particular, it helps prevents criminals from stealing your password today and use it again and again for hours, days or weeks.
2FA is indeed a simple step to online safety, but it isn’t a one-off action: it adds an extra step to every login, so you have to change your login process – what time management and user interface experts like to call “workflow.”
2. Use the Longest Mobile Phone Lock Code You Can Manage
Back in 2015, Apple upped the shortest permitted lock code for iPhones from four digits to six.
That’s because adding two digits doesn’t increase the number of different codes by 50% (6 digits / 4 digits = 1.5 = 150%), but takes you from 10×10×10×10 codes (10,000) to 106 (1 million), a 100-fold boost in complexity.
We suggest upping your lock code even further to, say, 10 digits, even though it’s harder to memorize to start with, and takes longer to type in every time.
Although 10-digit codes take 2.5 times longer to type in than 4-digit codes – let’s say close to three seconds instead of about one second – they are, at least in theory, a cool one million times more secure. (The arithmetic here is 10/4 = 2.5, but 1010/104 = 1,000,000.)
That means it’s easier to pick something unique and hard to guess, and harder for crooks – or for your oh-so-witty friends who are dying to send out off-color tweets in your name – to shoulder-surf by watching you typing in your code out of the corner of their eye.
We think the effort is worth it, and we encourage you to increase the length of your lockcode as much as you can.
If you’re worried about forgetting your new, super-long code and being faced with resetting your phone and losing any data you haven’t yet backed up, consider writing down the new code and locking it away at home until you’re happy you’ve mastered the new finger pattern.
3. Log Out of Apps You’re Not Using
We suggest learning how to log out fully from services such as Twitter and Facebook, especially on your phone, where simply closing the app is not enough.
It means logging back in every time you start up the app or load the website again, which is mildly annoying at first.
But it means you’ll be much less likely to share something unintentionally, which will not only protect your friends from scams apparently “approved” by you, but also protect you from what could turn into career-limiting moves.
We think the effort is worth it, and we encourage you to learn to log out regularly.
Admittedly, for all that this is a simple step in theory, it’s irritating to get right in practice, because each social media app seems to have its own way of handling the logout function, and it isn’t always obvious where to find it.
There you have it. As we said above, you might consider these steps a bit of a hassle at first, but that we think you will soon consider them second nature. In fact, you might soon find yourself uncomfortable without them, like driving without a seatbelt or riding without a helmet.
Information reposted from SOPHOS.