You likely use online accounts and digital devices more times than you can count. But how many steps have you taken towards keeping your devices and data secure? If you answered "few to none," we're here to help during National Cybersecurity Awareness Month (NCSAM), which is held every October.
The theme this year is "Own IT. Secure IT. Protect IT." Beyond encouraging general awareness of digital threats, the theme urges users to take full ownership of their digital presence while taking steps to safeguard it against cyberattacks. Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA) jointly lead the initiative.
In the past, we've shared a glossary of cybersecurity terms to help you differentiate between the good, the bad, and the ugly. This year, we're sharing a few simple actions you can take today to shore up your digital presence.
Swap out old passwords for new, complex passwords
One of this year's NCSAM mottos is, "If you connect, you must protect." This means you shouldn't use any device or account without first password-protecting it. It's especially important to follow this guidance when you're using accounts that contain sensitive information, such as email accounts and online banking services.
Take some time to switch out all of your old passwords for new, secure passphrases. To make them as long as you can, start with a movie title or catchy phrase rather than a single word. Then, mix up the phrase with special characters, numbers, and capital letters as well as unconventional spellings.
These days, email addresses often double as usernames. A 2015 study conducted by Dashlane revealed that the average email account was associated with 130 other accounts. For this reason, you should avoid recycling the same password over and over again. Create one password for each account. If one account becomes compromised, your others will remain secure.
Use a password manager to memorize your login credentials
Once you have a new series of unique, complex passwords, you'll have to store them somewhere. If you think a mental note or pen-and-paper password log is the safest place to keep your credentials, you're not alone. In fact, 84% of adults use only written lists or memory to keep track of passwords, according to a recent Pew Research Center study. Not surprisingly, the study also revealed that 64% of American adults have experienced at least one data breach that may have compromised sensitive personal information.
However, a 2017 survey conducted by LastPass found that respondents had an average of 191 passwords to manage — far too many to memorize. This strategy might have worked in the early days of the Internet, but it only invites cybersecurity breaches nowadays.
Instead, create your own digital keychain through a password manager. Such a system will be able to track as many accounts and passwords as you create. Even better, many can sync across multiple devices, so that if you create a new online account from your phone, you'll be automatically logged in when you visit the site from your laptop.
Some web browsers and devices offer free built-in password managers, or you can use third-party service to track your passwords. For an added layer of security, opt to use multifactor authentication (MFA) whenever possible. With MFA, you'll login using two credentials, such as a password and a unique security code that's automatically sent to you via text message.
Keep in mind that a password is the first line of defense against a cyberthreat. If you choose to use a digital keychain, make sure you password-protect all of your devices and lock them while they're not in use.