On Boxing Day here in the UK (26th December for anyone who doesn’t celebrate it) the NCSC (that’s the National Cyber Security Centre) blogged about staying smart with your Christmas gadgets. This included 5 tips which are always true for gadgets and our tech-filled lives, so I thought I’d go through them.
Protect it with a strong password
This is so simply and so true, yet so regularly ignored.
Oh no, not another password, I’ll just reuse the one I always use…
Sound familiar? STOP! Don’t do it. The trouble with things that lots of people do is that criminals are in on the “secret”, so one of the go-to techniques for hacking accounts now is what’s called Credential Stuffing. This is where they take username and password combinations from data breaches (and there’s been a lot of data breaches) and try them on other sites. So if you reuse a password, and it’s been breached before, you will get owned!
So please, follow these steps…
- Don’t use a browser’s in-built password store, these are regularly stolen during malware/ransonware attacks
- Do use a password manager to generate and store unique passwords (remember, if you can remember it, it’s a bad password) – I would recommend LastPass, they browser extensions and apps which make it really easy to use passwords everywhere across your devices.
- Check if your email address appears in any data breaches using Have I Been Pwned? – if you have, change the password on these accounts
- Check if any of your existing passwords have been breached using Have I Been Pwned – Passwords – if you have, change the password on any accounts with this password
Whilst you’re at Have I Been Pwned?, sign up for notifications too, and if you own any domains, do a domain search as well. This way you’ll know when your data is out there and have a chance to quickly change the password.