The cyber world can be a treacherous place. Hackers looking to gain access to social media accounts for cheap thrills or worse, are everywhere.
While not everyone is a target, simply safeguarding your online identities can save you from a lot of trouble. You wouldn’t leave your house without locking it up as securely as possible, so why not afford the same diligence to your social media accounts?
No matter how subtle the threat, learn to shield yourself from that stalker in the office, your snooping relative, an ex, or a determined hacker.
If you consider yourself a 'security noob', the following nine are the absolute basic ways to counter threats to your security on the web.
1. Minimise your digital footprint
Hackers can use your publicly available information to find admission into your account. For example, if your secret question is about the name of your pet, and your Facebook album features the said animal with his name, then it is valuable information to a hacker. It would be best to have your future posts limited to friends only.
Meanwhile, to limit old posts on Facebook, simply go to the ‘Privacy’ menu under ‘Settings’, and locate the ‘Limit Old Posts’ option under ‘Who can see my stuff’?
2. Understand how Phishing works
Every other person I know has received text messages on their smart phones seemingly from Facebook, which provide users with links to reset their passwords.
These are unsophisticated attempts at tricking users into clicking on fake URLs in order to dupe them into revealing their password. Never click on these links.
If you are concerned, simply visit the website by entering your account details in the browser yourself.
3. Pay attention to your password:
If your password is ‘123456’, ‘qwerty’, or ‘iluvafridi’, then you are asking for trouble.
There is a reason why hackers send you phishing emails, a Trojan, or attempt to use Keyloggers. It is because these gimmicks can give them access to your password. But if your password is easy to guess, then they don’t need to resort to such complicated tricks.
Also read: FBI's most wanted cyber criminal arrested in Karachi
Sophisticated hackers can also employ software designed to guess passwords by the process of elimination. These are called ‘brute-force attacks’. Gmail recently started issuing alerts to users who are being targeted by world governments. The hunted are usually activists and journalists.
The longer the password, the more difficult it will be for a program to hack. It is also best to avoid using famous words, dates and the like.
Needless to say, change your passwords frequently.
4. How to create an unhackable password
Yes, you too can create a password that even Neo, Morpheus and Trinity would find challenging to break.
A study from Georgia Tech Research Institute states that if your password is at least 12 random characters long, then you are relatively safe from brute-force attacks.
Senior researcher Richard Boyd said, “Eight-character passwords are inadequate now. If eight characters is all you use, and if you restrict your characters to only alphabetic letters, it can be cracked in minutes.”
But a long password is only half the battle. It should also feature a random string of symbols and letters for extra fortification. Of course, such a complex password would be difficult for anyone to remember, and writing it down on a piece of paper isn’t advisable either.
Experts offer a simple solution to this. Simply make up a sentence you are likely to remember and use the initial letters to form your password. Add a few random symbols if need be.
For example, if my secret sentence was: “I love writing for Dawn.com. Hope they give me a raise in ‘16”, then my password would be: IlwfD.c.Htgmari’16
If I spiced it up, the code would be &IlwfD.c.Htgmari’16$.
5. Consider investing in a password manager software
If you have some serious heat on your tail, then a password manager could be what you need. These softwares range from USD10 to USD40 and offer multiple layers of security in an easy-to-use programme.
PCMag.com suggests Dashlane 3 and LastPass 3.0 Premium to be two of the best password managers available.
6. Use security software and avoid unknown websites
This may seem like an obvious suggestion, but powerful anti-virus and anti-malware software can keep your system clean from dangerous programmes designed to compromise your security.
Of course, you can avoid getting infected by keyloggers and trojans by sticking to trustworthy websites only.
7. HTTPS vs. HTTP
In a nutshell, HTTPS is the secured version of HTTP.
Whenever you login to your social media platform, use the former address rather than the latter.
8. Use two-step verification:
Let’s say disaster strikes and a hacker has your password. If you’ve enabled two-step verification, he still won’t be able to access your Facebook, Gmail, or Twitter accounts.
When you activate this process, your favourite social media platform will not allow the hacker entry into your profiles from an untrusted computer source without the verification code that is sent to your cellphone.
If someone has access to a secure system such as your smartphone, then, revoke your app password and change your account password as soon as possible.
9. Avoid insecure communication streams
Although Gmail, Hotmail, and Yahoo are still not impregnable against the big boys, they are certainly safer than the run-of-the-mill company email accounts in Pakistan.
Dawn.com Editor, Jahanzaib Haque advises that messages sent via Google Talk, Facebook Chat, and Whatsapp are more protected compared with the more fragile local SMS services.
Also read: Is online privacy dead in a post-Snowden world?
For even greater end-to-end security, digital rights activist Nighat Daad says the Signal app available on smartphones is the best option.
In the end, try to find a balance between your security options and your surfing patterns.
With a little common sense, you can enjoy your time on the internet without having to resort to inconvenient and cumbersome protection methods.
Safe surfing!