In today’s presentation on Google Docs to the Seniors SIG, I was asked “Is it safe to put my stuff up in Google’s cloud? Can’t hackers get at it?
Well, if your password is “password”, hackers will get at it. The point is, people are the weakest link in security. I am not an expert in security, but I know to use a few techniques to make my online presence secure. Using those below, I trust putting my documents in Google’s cloud, and for now, putting my passwords in LastPass’s cloud based password manager.
- Start with strong passwords (of more than 12 characters containing letters, CAPITALS, and numbers). If you need to enter them on a tablet or phone, chose even longer phrases, without those characters that are hard to enter.
- Never use the same password on more than one account. Your most valuable account will have only the security of your least valuable site (and probably the least secure site) if they share the same password
- Those two above pretty much mandate using a password manager, and if you do, use its security scan that look for duplicate uses and weak passwords… Change those reported as weak.
- Wherever permitted, use two factor authentication, such as entering a second code sent to your phone in a text message each time you log in. Use two factor authentication on password manager accounts, and your main email account. It has saved me at least once.
- On public computers, like those at the club or the library, for your password manager, use one time passwords that defeat key loggers
- Club members have been victims of thieves making phone calls about their computers.
- Wikipedia is my trusted source of information. Internet_fraud lists many attack types and Social Engineering list interactions to watch out for.
- Watch for mis-spellings in the URL shown in the status bar at the bottom of your browser while hovering over a link before clicking on it, especially a link that arrived in an email
- Add a Web-of-Trust extension to your browser to put small safety indicators on links in web pages and searches
- Set Windows Update to automatic,
- Use a currently supported version of your operating system, not XP