This article takes you through 6 simple steps you can take to improve your cyber security and stay safe online.
But why would we care about something like this? What is the point?
Last year IBM reported US$4,500,000 as the average cost of a data breach [1]. Another article from Forbes reports that data breaches have gone up by 72% from 2021, with 340 million victims [2].
That's something worth caring about!
1. Using your browser’s password manager
In 2024, password managers are an essential tool to store our passwords in a free, safe, and easy manner.
A browser-based password manager is a feature that automatically detects when you enter a username and password on a website. If you choose to save this information, the browser will store it securely and autofill the details the next time you visit the site.
Here are some advantages of using a browser-based password manager:
- Convenience: Autofill your login details without the need to remember every password.
- Syncing: If you change devices, any saved passwords will sync to the new device, provided you are signed in with the same account.
- Security: Helps prevent typing errors that could lead to phishing sites and stores your passwords in an encrypted format.
Here is how to do this in Google Chrome:
Secondly, how to do it in Microsoft Edge:
Finally, here is how to do this in Mozilla Firefox:
2. Keep Work and Personal life separate
Using password managers integrated into browsers like Google Chrome, Microsoft Edge, and Mozilla Firefox is a smart move for seamless internet navigation.
They store your passwords securely, making it easier to log in to various websites. However, it is common for users to save all their passwords under one account, which can be risky.
Why Separate Work and Personal Accounts? It is crucial to keep work and personal accounts separate for several reasons:
- Security Risks: If your laptop is lost or stolen, having separate accounts can limit the exposure of sensitive information.
- Unauthorized Access: If someone uses your signed-in device, they could access your accounts without your permission.
- Data Breaches: A breach in one account, like Google, could potentially compromise all connected accounts.
At Lucidity we advise using Microsoft Edge for work accounts (signed in with your Microsoft work account), and using personal accounts (and other accounts) in a separate browser profile or another browser altogether.
Here is how we can enable this within Microsoft Edge:
3. Randomising your passwords
It’s not enough to just keep work and personal passwords separated; we should also use a unique password for every account we create. This means that if your credentials are breached, they can only be used for one account. It also means that a password reset is only required for that one account rather than many. Maintaining separate passwords for different accounts is a key step towards enhancing online security.
A note on password complexity:
- Short Passwords: Passwords with fewer than 12 characters, including a mix of numbers, uppercase and lowercase letters, and special characters, can be vulnerable to cracking.
- Longer Passwords: A standard secure password is now considered to be 18 characters long, incorporating a complex combination of uppercase and lowercase letters, numbers, and special characters (using a short phrase can help you remember this type of complex password, e.g. 1Like2PlayVideoGames&EatPopcorn). This could take from billions to trillions of years to crack in comparison to short passwords [3].
When you update a password, your password manager should detect the account that has changed and will update the password once you confirm this is the case, making it even easier to change your passwords to something more secure. Browsers can also help with suggesting a unique random password.
You can also use this website to help with your password creation if you want to get even more complex: Strong Random Password Generator (passwordsgenerator.net).
This website will give you the ability to make a randomised password and customise it to what suits your needs.
4. Turn on 2FA (Two-Factor Authentication) when possible
Another way for us to keep safe online is the use of Two-Factor Authentication (also known as Multi-Factor Authentication or MFA).
While having a long password helps you stay safe, there is still the chance of your passwords being stolen and ending up in the wrong hands, online or in person.
This is where Two-Factor Authentication (or 2FA) comes in – you must sign in with something you know (your password), and something you have (2FA on your phone). This adds an extra layer of assurance that it's really you signing in. Most online accounts allow you to enable 2FA these days and a quick Google search will usually surface the instructions on how to do so.
In the case of Microsoft 365, you can manage your 2FA methods by going to https://portal.office.com. Once here, click the profile at the top right and click on “View Account”:
From here, you can navigate to “Security info”:
You will see the option to “Add sign in method”. We recommend using “Authenticator app” – make sure to download the official Microsoft Authenticator app located here for iPhone and Android:
- Android: Microsoft Authenticator – Apps on Google Play
- iPhone: Microsoft Authenticator on the App Store (apple.com)
Once you have the app downloaded and you start the process, follow the onscreen instructions, and finish the Two-Factor Authenticator process.
5. Turn on HTTPS only mode for your web browser
HTTPS only mode is another way to help ensure your online safety, as there can be bad actors that use websites to trick people into giving up credentials and even steal sign-in tokens within the web browser.
It’s a fundamental way to stay safe online, as it encrypts the data between your browser and the website making it harder to steal. However, it’s not a fail-safe so always keep an eye on what you click on – if in doubt type the website address in full rather than clicking a link you are unsure about.
Here is how to turn this feature on in Google Chrome, Microsoft Edge, and Mozilla Firefox.
Google Chrome:
Mozilla Firefox:
Microsoft Edge doesn’t appear to have this feature.
6. Use an Adblocker
Did you know that even the FBI recommends you use an adblocker? [4]
A good choice is uBlock Origin [5], and best of all it's free – https://ublockorigin.com/.
If you go to the link above, the website will detect your browser and direct you to where to download the addon. In my example, I am on the Edge browser and it is telling me to download the Edge version of uBlock Origin.
Click the “Get uBlock Origin” button and this will take you to the app store of the browser and from here you can install it. In this case, I already have it installed.
An ad blocker can detect the URLs that you go to and if it detects a suspicious link, it will block it. As seen in this example here.
Another feature of an Adblocker is the fact it can get rid of ads, including Google. Here is an example of this on YouTube.
Without an Adblocker:
With an Adblocker:
Summary
This article has gone over 6 simple steps you can take to improve your cyber security and stay safe online. The world is not safe even in the digital landscape, and people are always finding new ways to scam, or bait you into giving your credentials or getting your credentials taken from you. However, the best thing that anyone can do, even after following all these instructions, is to use common sense.
Always ask yourself:
- Is this an official document? Let me confirm this first with my colleague before I do anything else.
- If someone is asking for money or a payment to be made, always call the user before doing anything else. Do not make a payment, do not respond to the email or text, and always confirm before anything is done.
- This link looks weird, I may need to ask for a link from another user and confirm this is real. If you are clicking a link, always hover over the link in the browser or the email and confirm if the link is not out of the ordinary. If it looks suspicious, report the email to your organisation or IT company.
The main takeaway is that as long as you follow some of these basic principles and add common sense into the mix, you will be in a better place, not only for yourself but for your company as well.