Always use strong passwords that nobody can guess, and never reuse a password anywhere else.
This obviously makes sense for maximum security but:
- What is a strong password?
- How do you come up with a strong password?
- How do you remember the strong password?
A strong password is one that cannot be guessed or derived through some automated process. An example of a strong password is: Jg4uyG3B87dTg%x. It is 15 characters put together at random: 4 numbers, 1 symbol, and a mix of upper- and lowercase letters.
Another approach is to use words, which may be easier to remember. An example is: musty-eject-thing-quackery, which is 4 words joined by hyphens.
So, how do you come up with these strong passwords? The simplest answer is to use software such as 1Password by AgileBits (https://1password.com). The Mac has a program called Keychain Access that stores generated passwords: when you create an account in the browser or change your password, you will be offered a strong password, which is then stored in the Keychain.
Once you have created these strong passwords, then you never have to remember them again as they will be available to you when you need them. In the case of 1Password, you only ever have to remember the password to 1Password to access all your other passwords.
In the latest versions of macOS and iOS, the passwords created and stored by Keychain carry across your devices. If you also have 1Password, you can open that instead when the password is stored in it.
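As an added illustration (not part of the original article, and not how 1Password or Keychain are implemented), the Python sketch below generates both styles of password shown above from a cryptographically secure random source and estimates their strength in bits. The word list is a small constructed sample, and the function and variable names are assumptions made for this example.

```python
import math
import secrets
import string

# All 94 printable ASCII letters, digits and symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Constructed sample list for illustration only. A real generator draws from
# thousands of words (the EFF long word list, for example, has 7776).
SAMPLE_WORDS = [
    "musty", "eject", "thing", "quackery", "harbor", "violin", "cactus",
    "lantern", "pebble", "orbit", "walnut", "gravel", "tulip", "sketch",
    "mitten", "canyon",
]


def random_password(length=15, alphabet=ALPHABET):
    """Pick every character independently using the OS secure random source."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def passphrase(words=SAMPLE_WORDS, count=4, sep="-"):
    """Pick `count` words at random (repeats allowed) and join them."""
    return sep.join(secrets.choice(words) for _ in range(count))


def entropy_bits(pool_size, picks):
    """Entropy when each of `picks` items is chosen uniformly from the pool."""
    return picks * math.log2(pool_size)


if __name__ == "__main__":
    print("random characters:", random_password())
    print("word passphrase  :", passphrase())
    print("15 chars from 94 symbols : %.1f bits" % entropy_bits(len(ALPHABET), 15))
    print("4 words from 7776 words  : %.1f bits" % entropy_bits(7776, 4))
    print("4 words from this sample : %.1f bits" % entropy_bits(len(SAMPLE_WORDS), 4))
```

With a 7776-word list, four random words give about 51.7 bits against about 98.3 bits for 15 random characters, so use more words if you want a passphrase of comparable strength.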
Two Factor Authentication
Use it for your Apple ID, Google, Facebook, Microsoft and everywhere else it is available. It will ensure that there is no unauthorised access to your accounts.
Microsoft uses its Authenticator app on your mobile device, and Google uses its own Authenticator app, which a number of third parties such as Square, Amazon, Airtable and Synology also use.
Disable Automatic Login
Do not allow your computer to log in without an account and a password. Require a password for each account on the computer. On a mobile device, ensure that it is protected by some form of authentication at all times, whether that is Face ID, fingerprint, passcode or whatever method your device uses.
Don’t Trust Emails or Text Messages
If you receive an unsolicited email or text from an unknown source, do not click on any links, or in fact on anything in the email or message.
Banks do not send you links to click, nor do any sensible organisations. If you think the message may be legitimate, go to the site you already know and check there, not via a link in the email or message.
Phone Call Scams
There are many scams out there, including ones where the caller pretends to have detected an issue with your computer. Just hang up.
More recently, you may receive phone calls from unknown locations and numbers that hang up before you have a chance to answer. The callers want you to phone back, because it is a premium call that will cost you a great deal of money while they waste as much of your time as possible.
Don’t phone back any of these numbers!
Be aware of any scams involving buying, selling and job offers.
Do not trust any public WiFi hotspots. Do not do banking, or anything else where you need to use account details, unless it is an https (secure) site or you use a VPN service.
Install the latest security updates, OS updates and third-party software updates.
Read news sources and keep up with the latest threats.
Scamwatch (https://www.scamwatch.gov.au) has information on the latest scams.