Twitter data breach

s76l42

Member
If you are a Twitter user change your password immediately. There has been another data breach and over 5.4 million Twitter user's names, phone numbers and email addresses have been stolen. This information can be sold on the dark web and can lead to identity theft.
Here are my tips on choosing a strong password and how to stay safe.

Choosing a strong, secure, unique password for each website you visit is important. You also want to use a password to log into your computers, tablets, smart phones, and other devices.

It is estimated that 59% of people use the same password for multiple accounts. And this is just one estimate. The actual number may be higher. And of those people many do not change their password regularly. Many companies now require the users change their password after a specified amount of time which is a good practice.

So how do you choose a secure password?

Use a Password Manager

Use a password manager to save all of your login information. I recommend eWallet, Lastpass and Bitwarden. A password manager is a secure database that allows you to safely save your passwords. You will use a master password to log into the program and that is the only password you will need to remember. All of your other passwords will be saved in the password manager.

Password Length

Choose a password that is at least 12 characters long. The longer the better. Websites have certain requirements when choosing a password. Most reputable sites will require a certain number of characters, but most allow you to use more than what is recommended. If you have that option, take it.

Mix it Up

Use a combination of upper and lower case letters, numbers and special characters. Each website is different, and some require this. But even if they don’t you should still use that combination.

Don’t Use Personal Information

Do not choose a password that contains any personal information or one that would be easy to guess. Don’t use your birthday or other dates that are meaningful to you. Don’t choose a pet or child’s name. Don’t use something that is your “favorite” anything. Don’t use a common word or phrase. Don’t use words in the dictionary. And don’t use anything generic. Two of the most often used password are “password” and “12345” Most people have social media accounts now and some share a lot of personal information on these sites. That is just one way a hacker can find this information and then try to use it to guess what your password is. For example, if your password is your pets name that may be very easy to get from one of your social media accounts. Don’t answer the quiz questions on Facebook and other social media sites. These quizzes are often malicious and use your answers to harvest your personal information.

Use a Password Generator

Use a password generator to generate a secure, random password. If you use a password manager most of them include a password generator within the program. There are also websites that offer a password generator. Norton and Avast both offer free password generators.


Do Not Use Old Passwords

Do not recycle old passwords and don’t choose a password that is similar to something you have used in the past. Always choose a new, completely different password.

Use a Different Password for Every Website

Choose a unique password for each site you visit. I cannot stress how important this is. If a hacker gains access to one of your accounts and you use that same password on other websites they’ll then be able to login to every account you use that password for which might include your bank account, brokerage account, email account, utilities accounts and more. This can lead to identity.

Change Your Password Regularly

Make it a habit to regularly change your password. I recommend every three to six months. Many people are reluctant to do this because it is time consuming but it is critical. Set a reminder on your calendar to do this.

Change Your Security Questions

When you change your password also change your security questions. Most of the time when you setup an online account you will be prompted to select several security questions that would allow you to access your account if you forgot your password. Some sites also prompt you for the answer to one or more of these questions when you log on. If a hacker gains access to your account they also gain access to the security questions. Never provide a real answer to these questions. For example, the questions may be something like what is your mother’s maiden name, what street did you grow up on, what was the name of the first school you attended. These are not secure questions and I wish websites would not use them but they do so what I recommend is that you never use real answers to these questions. Instead, use a password generator to generate a password and use that as the answer. Log all of your security questions and answers in your password manager.

Use Multi-factor Authentication


Multi-factor authentication is when a user is granted access to a site or program only after providing 2 or more forms of authentication. It utilizes a combination of something you know, something you are or something you have. Something you know can be a password, a PIN number or a passphrase. Something you are is normally some form of biometrics such as a fingerprint, iris pattern or voice or facial recognition. Something you have could be your cell phone or a token.

Use Multi-factor authentication whenever possible, it adds an added layer of security.

Keep Your Passwords Private

Do not share your passwords with others. You never know what someone else may do even a friend, relative or significant other. There have been many cases where a couple breaks up and one of them used the others information for malicious purposes or just to snoop on them after the breakup. It is best to keep your passwords to yourself.

If you end a relationship change your password at that time. Or if you suspect your account has been compromised in any way. Change it then as well.

Don’t write your passwords down. As I suggested before use a password manager to keep track of your login information. I work in IT and I cannot tell you how many times I have gone to someone’s desk to help them with a problem and found their password written down and stuck to their computer screen.

Don’t Login Using a Computer or Device You Do Not Own

Never enter your password on another person’s computer. It could be saved without you knowing it. Especially important if you are using a public computer.

If you are using your computer or other device on a public Wi-Fi don’t visit any websites that require you to login. Websites such as email, your bank, online shopping, your credit card company, etc. When you are connected to a public Wi-Fi your data can be intercepted by a malicious person. Better to be safe than sorry. Wait until you get home to visit those sites.

Password Protect Your Computers and Other Devices

Password protect your computers, tablets, cell phones and any other devices. This prevents someone who has physical access to those devices from logging in.

Don’t Save Your Password in Your Web Browser

Web browsers like Firefox, Google Chrome and Microsoft Edge allow you to save and store your password. While this is convenient, it is not secure.

Watch Out for Phishing Attacks

Be careful when you receive an email or text message that contains links, prompts you to log in, change your password or provide any personal information. Even if it seems like it’s from a legitimate source or someone you know personally or do business with, it could very well be a phishing scam. With a phishing scam, whatever information you provide goes right to the hacker so be sure to verify that the email or text is legitimate. Instead of clicking the link or responding to the message go to the website directly using the web address that you know to be true or call them on the phone to verify.
 


Back
Top