A recent report claimed that a group of Russian cyber-criminals has amassed the largest known collection of stolen Internet credentials. Based on the findings of Hold Security, an information security research firm in Milwaukee, U.S., it was reported that the group has acquired around 1.2 billion user name and password combinations along with over 500 million email addresses. Hold Security has uncovered important security breaches in the past, including the hack of Adobe Systems last year.
The Internet credentials were gathered from around 4,20,000 websites in a span of just four months. The research firm did not identify the origins of the data or name the victims, according to the Times report.
Forbes reported, that they are skeptical about what the NY Times reported as “the largest known collection of stolen Internet credentials.” But counting the exact number of victims or just merely guessing what the cyber-criminals will do with these credentials will not help average everyday Internet users secure their personal information.
Securing devices, using stronger passwords and setting decent level of privacy on social networks are among the simple steps that might help.
Here are five simple digital safety tips:
1) Secure your smartphones, tablets and other devices first. Smartphone and tablet users are growing everyday in India, however, most users are simply relying on “swipe to unlock” to secure their devices. Needless to say that it is equivalent to not having passwords at all. While having a pattern or pin to lock the device is highly recommended, it is better to secure them with passwords which are difficult to crack. Yes, it is inconvenient at times, but then, do it for your own good.
Your smartphone or tablet is a highly personal part of your daily life. It contains your open email addresses, social media accounts, banking information and more. Handing over your smartphone or tablet to someone or misplacing them without any device password might be disastrous. It is your personal device try to keep it to yourself. Also, use security features like remote wiping of data in case you happen to lose your device.
2) Long and strong passwords. The recommended minimum eight characters may not hold good any longer. It is better to have at least 15 characters or more for email addresses, social media accounts, banking websites and other important online accounts. If possible, use combinations of letters and numbers, upper and lower case and symbols.
Even if your vocabulary is good, avoid dictionary words. There are tools to crack the hardest of the dictionaries.
Birthday, anniversary, ZIP codes or other easily attainable figures should be avoided at all times.
Make it long and mix it up.
3) Don’t reuse passwords on other accounts. Depending on the importance of an online account, it is better not to repeat passwords. For playing games, reading articles, filling surveys and doing other light stuffs, you can have a simple password and then repeat it. Also, there is no harm in lying while filling in registration forms for unimportant online activities.
However, always use different passwords for different email addresses, banking sites, social media accounts and other important web accounts. It is also advisable to use a different email ID altogether for online banking.
4) Use two-way authentication. If two-way authentication is available, use it always. In two-way authentication, the service provider will send a text message with a one-time code to your phone after you have entered your password. The process may differ from service provider to provider, however, it is way more secured. Intruders won’t be able to access the account without having your phone.
5) Change passwords very often. It is a good habit to keep changing passwords, be it for social media accounts like Facebook, Twitter, etc or online banking or even ATM pins. Changing passwords once a month is a good thing to start with. Also, it is advisable to keep track of your account activities by generating reports which shows log-in date, time and location.
Remember, your digital life is highly personal and it is your responsibility to secure it.