
How To Prevent Yourself Being Hacked

Hacking is a fun sport for those that partake of it, but it’s not so much fun to wake up and see that your site has been hacked!  Why is it done?  All types of reasons have been given to me in the past, including blackmail, fun, the challenge and many more.

How do you prevent yourself being hacked?  The following article was written by Paul Szoldra on the Tech Insider blog.  It gives you very good reasons to ensure your passwords are strong, explains why using a password manager is a good thing and how two-step verification heightens your security, and reminds you to keep your eyes open when an email asks you to confirm your identification or passwords.

4 things you should be doing right now so you won’t get hacked

Cybercrime is a multibillion-dollar racket that affects corporations and individuals alike, but there are a few simple steps everyone can implement to protect against it.

“If you’re a target, which honestly most companies are, then you really have to depend on taking some basic measures,” says Kyle Lady, a research and development engineer with Duo Security.

Tech Insider spoke with Lady recently about how hackers infiltrate systems and what the best methods are for stopping them. Here’s what he recommends.

Use passwords with at least 14 characters that can’t be found in the dictionary.

The 25 worst passwords of 2015 include entries like “123456,” “football,” and “password,” and these can all be easily guessed by an attacker. And we’re not talking about a hacker typing in different passwords until they get it right; most have software that can guess hundreds and thousands of passwords a minute.

So it’s best to use something much stronger. “If I can find your password in a dictionary, so can an attacker,” Lady says.

Lady recommends using a password with at least 14 characters (he uses at least 24) which has a number of uppercase and lowercase letters, and symbols in it. A password like “SYd#2n3l_!p4ss” — that has no real meaning and plenty of symbols to throw off a hacker — is going to be a lot better to use. But even using a phrase, like “this password security thing works,” is going to be stronger than most.

“It’s going to be real hard [for an attacker],” Lady said. “Someone is going to expend a lot of resources just to guess that password by trying over and over.”

But there’s also a problem for the user: Memorizing that password full of hard-to-remember characters.

Use a password manager so you won’t have to remember all of them.

A password manager like LastPass or 1Password can securely store all of your passwords for everything from your email to bank account in one spot, so you don’t need to remember each one. Which is great, since Lady recommends using different passwords for your various accounts.

Instead of coming up with a strong password filled with various symbols and letters yourself, most password managers can generate very strong passwords for you, encrypt them, and keep it on file, “so you don’t have to have them written down,” Lady says.

Then, you only need to come up with one really strong master password.

Turn on two-factor authentication and your account will remain secure even if your password is hacked.

“Even weak passwords aren’t the end of the world, if you’re using two-factor authentication,” Lady says.

Two-factor authentication is becoming standard for password security. With two-factor, a user enters their password, then goes through a second round of screening, usually by entering in a code they received in a text message. For the most part, this second step would stop most hackers in their tracks, since they’d have to steal your phone in order to proceed.

“It’s becoming a standard option, but most people don’t enable it,” Lady says, noting that most people are too lazy to do so. You can usually find two-step authorization in your account settings. It’s available on Facebook, Twitter, Gmail, Snapchat, and a ton of other services — just make sure you actually turn it on.

Be especially wary of emails asking you to do something, or phone calls about the security of your accounts.

About 91% of targeted cyber attacks begin with a “spear-phishing” email, a trick designed to get a specific person to click on a link, give up their password, or download malware. These types of emails are designed to look like the real thing, and are really hard to judge at first glance.

A scammer might email saying your PayPal account has been hacked, and you need to update your password. But once you click the link, you are actually giving them your password, not changing it. Lady says the key is to make sure you are on a legitimate page like paypal.com, and not a scam site with an address like www.paypalsecurity.xyz.

“If there’s any doubt in your mind, essentially, trust but verify,” Lady said.

The same goes for suspicious phone calls. Hackers often use “social engineering” to convince a person to help them. So it’s important to remain skeptical of calls from people claiming to be customer service representatives, since most companies don’t call out, and almost all will never ask for passwords.

“I could be tech support with a cell phone in ten minutes and go around asking for passwords,” Lady said.

From Tech Insider
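The article's advice to confirm you are really on paypal.com and not a lookalike such as www.paypalsecurity.xyz can be checked mechanically. The sketch below is an added example, not part of the Tech Insider article; apart from those two addresses, the sample links and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit


def host_of(url):
    """Return the lowercase hostname a browser would actually connect to."""
    # .hostname drops any "user:pass@" prefix and the port number
    host = urlsplit(url).hostname
    return (host or "").rstrip(".").lower()


def belongs_to(url, expected_domain):
    """True only if the URL's host is expected_domain or a subdomain of it."""
    host = host_of(url)
    expected = expected_domain.lower()
    # Require an exact match or a "." boundary so "notpaypal.com" fails
    return host == expected or host.endswith("." + expected)


# Constructed sample links; only paypal.com and www.paypalsecurity.xyz
# come from the article.
SAMPLES = [
    "https://www.paypal.com/signin",                   # real domain
    "http://www.paypalsecurity.xyz/update",            # brand name inside another domain
    "https://paypal.com.account-check.example/login",  # real name used as a subdomain label
    "https://paypal.com@login.example/reset",          # real name placed before an "@"
    "https://notpaypal.com/",                          # real name as a suffix without a dot
]


def classify(urls, expected_domain="paypal.com"):
    """Map each URL to True (host belongs to the domain) or False."""
    return {u: belongs_to(u, expected_domain) for u in urls}


if __name__ == "__main__":
    for url, ok in classify(SAMPLES).items():
        label = "host matches" if ok else "SUSPICIOUS"
        print(label.ljust(13), host_of(url), "<-", url)
```

Only the first link passes: the comparison is made on the parsed hostname, so the brand name appearing somewhere in the address text is not enough.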

So, remember to use strong passwords made up of many random letters, symbols and numbers, and ensure there are at least 14, but preferably up to 25, of them in your password.  Remember that any word in the dictionary can be hacked, while random combinations are much harder to hack.  Strengthening your password security with 2-step verification methods or the use of a password manager is recommended. It may seem like extra work; however, just imagine not being able to access your account while your friends are ringing you to tell you what is currently showing on your site (it may not be pretty, or legal).

Remember to play safe!
