You use the same password for everything.
Your passwords are obvious — and weak.
Your webcam isn't blocked.
You give applications way too much info.
You allow in-app purchases.
You put off software updates.
You do work at a coffee shop — or the airport.
Your home WiFi network is public.
You make an account everywhere you shop.
You click on e-mails that look legit.
You lend your computer to a friend.
It's obvious, but 'fess up: Are you guilty? You absolutely must have varying passwords for all your accounts. Otherwise, if a hacker figures out one of your passwords, they know them all. To keep it easy, rely on software — like KeePass, LastPass, or 1Password — to store them and just unlock accounts with one master password.
No, your cat's name is not a fool-proof pick (and neither is "password123," your name and birthday, or anything else that's super easy to guess). Here's how to make and remember a strong password: Pick four common words in the dictionary and make up a story about them. So, if your words are "correct," "horse," "battery," "staple," your story could be, A horse looks at a battery with a staple in it and says, "Correct." Your characters can be nonsensical, but the story should make sense to you in your head. There's your password, and because of the story, you'll have no trouble remembering it, says Justin Cappos, professor of security, operating systems and networks at NYU Tandon School of Engineering.
Even Mark Zuckerburg, Facebook's CEO, covers up his microphone jack and laptop camera, but it's not just famous people who should be worried, warns Cappos. The director of the FBI recently said masking your webcam when you're not using it should be as commonplace as locking your car. To do it: Place a piece of solid tape or a Post It note over the little camera above your screen. Easy!
When you install an app on your computer or tablet, it often asks for access to various tools, like the camera or microphone — but they're not always necessary, Cappos says. "Look at the permissions that you're granting them, and ask yourself, Is this something they need to have to provide me with the fun I crave?" he says. Giving an app free rein of your device means more people get more information that you can't control. Set boundaries to the bare minimum and upgrade, as needed, from there.
If your kid knows how to operate your tablet even better than you do, parental controls are a blessing, says Augusta Nissly, program coordinator of at the Family Online Safety Institute. One big one: Turning off in-app purchases. "Set it so that in-app purchases have to be approved with a code, or give your child an iTunes gift card to manage their money over a period of time," she suggests. This way, they're not giving hackers a one-way ticket to your bank account, and you're not spending a ton on apps and games.
The notifications that it's time to update your software aren't just there to annoy you, we promise. "People should think of those as your computer saying, Hey, a bunch of hackers now know how to get into your system. Please restart, and when you're back up and running, we'll make sure they won't know how to have access to it," Cappos says. Whether it's on your smartphone, laptop or desktop computer, always opt for the update — and do it ASAP!
Using public WiFi when you're working on sensitive matters is not a great idea because you can't protect the files you're sending or receiving. "It's like leaving mail on someone's doorstep and hoping the right person picks it up," Cappos says. Stick to WiFi networks that have "WPA" or "WPA2" after the name, which means they're secure (Macs indicate secure networks with a lock icon, too). Secure networks automatically encrypt sites you visit, which means it jumbles up your files so a third-party can't look at your stuff.
Even if you live on a secluded street, your WiFi network should be set to encrypted, not public, because anyone could still come nearby and connect to it. "Unencrypted WiFi is like sending all of your bank statements on postcards," explains Tony Anscombe, senior security evangelist with AVG. Having a password on your WiFi might be inconvenient to visiting guests, but typing a few characters to log on never killed anyone.
If you tend to do all your online shopping on Amazon, it's totally fine to store your credit card info with them, says Ascombe. But you shouldn't be doing that for every place you buy an item. "Go through checkout as a guest," he suggest. This way you aren't just leaving your personal data all over the Internet.
Email providers have gotten better at weeding out suspicious messages before they hit your inbox, but hackers can still slip you a manipulative email and steal your information, says Michael Kaiser, executive director of the National Cyber Security Alliance. These messages usually look legitimate, and use your bank's logo or language, but ask you to do something that your bank never would, like call and provide your account information. They also almost always have a sense of urgency, and use alarming language. "If you think something looks suspicious, don't click it," he says. "Log in to your bank account's website and see if there's a problem there, too."
It's okay to have one home computer that everyone uses, but set up separate logins so that everyone's materials are separate. And if you use a mobile device, like a laptop or tablet, be super careful of who gets their hands on the device. Someone you know could make any one of the mistakes above and open you to risk without your knowledge. Fun.