- Know how to create strong passwords. Strong passwords are at least 12 characters long and use a combination of upper and lower case letters, numbers, and if possible symbols. Make it something that you can remember, such as a phrase. For example ”I Love Scotcharoos” could be changed to” !<35cO7ch4ro0$” where Scotcharoos is not a dictionary word (it’s a type of cookie popular in the central US). Although I have used some simple substitutions like 5 and $ for the letter ‘S,’ I did not use the same substitution consistently. I tested this passphrase on https://howsecureismypassword.net/ with the result that it estimates it would take a computer 41 trillion years to crack it. Check out this blog post on how to create strong passwords that you can remember.
- In order to have separate security phrases, passphrases, passwords, or PINS for all the programs and systems that are needed for everyday work or home life, I strongly advocate destroying your sticky notes and replacing them with a password vault. If needed, you should also update your passphrases/passwords/PINs to increase the strength of each as described above. There are many no- or low-cost password vaults available for mobile phones and desktop computers. (Some come with web options for use on both types of devices). Check out PC magazine’s review of some of the most popular solutions.
- Whenever possible, use login methods that require multiple parts, such 2-factor or multi-factor components. This means you will need to provide something that you know (like a password), and either something that you have/can get (like a code sent via text message to your phone), or something that you are/do (like your fingerprint, facial scan, or how you walk).
- Update your Wi-Fi router to employ a username (something besides "admin") and a unique strong password. If it works for your household, update its settings to NOT broadcast its name (the SSID). If not, use an SSID that does not include your name or other distinguishing names; use a name that is applicable to anyone.
- Investigate the sender of each piece of email sent to you. If you place your mouse over the sender’s name, does it match who and where it claims to be from? If the email states that you need to take urgent action and respond with information that you would not give any Joe on the street, STOP, take a breath, pick up a phone, and call the sender’s home or organization. DO NOT immediately take the action requested of you, as it could be a scam.