Time to tighten your online security

16 Feb
This screen grab from Facebook explains in simple terms how enhanced log-in security works.

This screen grab from Facebook explains in simple terms how enhanced log-in security works.

In my previous column I wrote about online security from a global perspective. This week I take it down to the granular level and examine ways to tighten your personal online security.

Recently, a number of my Facebook friends have complained about getting hacked. How is never made clear, but one thing is certain: getting hacked and trying to get your account back can be frightening and frustrating, not to mention costly if hackers get at your banking and credit card information.

But there are things you can do to protect yourself. Following are some basic steps that you should implement immediately to make your accounts as secure as possible.

Passwords

Your first line of defence is always a strong password. Sounds logical, right? But still, there are millions of people who use no-brainer passwords like ‘123456’, ‘abcdef’ and even ‘password’. These people are hacks waiting to happen. Select a password that you can remember, but is not part of popular culture (hackers know that ‘batman’, ‘football’ and ‘baseball’ are popular passwords). Don’t use names of children, partners, pets, or any information that can be easily gleaned from your Facebook profile. Always use a combination of upper and lower case letters, numbers and symbols.

Fake Facebook profiles

Last week, I received friend requests from two people who were already friends. In both cases, the real friends got wind of it and cautioned via status update to decline such requests. In this case, the hackers aren’t cracking your own account – they are downloading your pictures and information and creating a carbon copy of your profile, then sending friend requests to everyone on your list. Why? It’s a form of identity theft, in which the fake account holder contacts your friends via private message, asking for money or trying to sell something. If you learn that someone is pretending to be you, report it immediately. Go to the impostor profile, click on the cover photo and then click ‘report’. Follow through to make sure it gets shut down. And if you see that a friend’s account is being copied, tell them right away.

Ignore phishing emails

There are too many phishing email scams to go into here but all have a similar pitch: there is a problem with your account, so please click this link to log in. Of course, the site is a fake and they are ‘phishing’ for your user name and password. Most often it’s a bank account they’re after, but it could also be email, Twitter, Facebook or any personal account. Bottom line: never, ever log on to a website you receive in an email. Just don’t.

But suppose someone does get your password, by hook or by crook? There are steps you can take to protect yourself in that situation, too. They are listed below.

Facebook

In the upper right corner you will see a tiny arrow, pointing downward. Click it and select ‘settings’. In this window, click ‘security’ from the list on the left. Topping the list is ‘Login notifications’ – click it and you get this message: ‘We can notify you when your account is accessed from a computer or mobile device that you haven’t used before’. You can select email or text message for this notification, or both. I selected both. Next on the list is ‘Login Approvals’. Click this, then check this option: ‘Require a security code to access my account from unknown browsers’. It will ask for your cell number and will then send you this code via text. Follow the prompts to complete the process.

Gmail

If you use Gmail you know that it can also access Google+, so you really need an extra layer of security here. Log in, then click on the round blue person icon in the upper right corner. Click ‘Account’, then click ‘Add a recovery phone to help secure your account’. It’s very simple. Just follow the prompts. If you use Yahoo mail, you can do the same thing and the process is similar.

Twitter

Click your little mug shot in the upper right corner to display the menu and select ‘Settings’. From the list on the left, select ‘Security and privacy’, then select ‘Send login verification to cell phone’. You will need to enter your cell number and then confirm it with a text message but it’s not complicated – just follow the prompts.

This is all ridiculously easy to do. So do it now. Then you can relax, knowing that now it is almost impossible to hack your account.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: