For the millions of people at home with friends and family for the festive season; It's also the time of year to fix the home's spotty Wi-Fi or get in the way of technical questions.
Give the gift of safety tips instead this holiday season. This is the best time of year when you can lend a hand in making meaningful changes that will strengthen your loved one's cybersecurity. That doesn't mean that fixing a family printer isn't worth your time. But sharing a few security tips can go a long way in protecting you from the most common online threats you care about.
As someone who has covered hackers and breaches for over a decade; I think of cyber security as an investment in something you look forward to. No one wants to experience that “oh s—t” moment when they realize they've been hacked. Or your bank account or online wallet is battered, but you don't know their account, and many default to the mindset of “It'll never happen to me.” Passwords from yesteryear may not be an adequate defense against the efforts of today's hackers.
Often, Spending a few minutes with friends and family can be all the motivation you need to start and stay on top of cybersecurity.
We asked Rachel Tobac, CEO of SocialProof Security, a company that provides security awareness training to help people defend against cyber threats before they strike. and Caitlin Condon, director of vulnerability intelligence at cybersecurity firm Rapid7, to share their top security advice with friends and family. Their recommendations are to focus on security basics that will do the most work to secure your online accounts.
An important part of passing on effective security advice is helping your friends and family get started with the apps and security features they need to stay safe. In this way, They can learn with you and build on those new habits and practices over time.
“It is not enough to simply recommend or install security technologies. We need to help loved ones learn how to use these technologies to build trust and confidence,” Condon said.
Set up a password manager that stores complex and unique passwords.
“When I go home for the holidays, A lot of times the family asks for things that aren't the top thing they're going to focus on,” Tobac said. It's not a good idea to advise a family member about crypto — for example, if they reuse the same password for every online account they have, Tobac said.
The best password is one you'll never remember, and that's one. Password manager can help Password managers can store your login details and generate and store complex and unique passwords, so you never have to remember the same password across your various online services. (By using the same password on the Internet, all those accounts are more likely to be hacked if someone guesses or steals your password.)
There are many password managers out there to choose from. You probably already have a browser and it's on iPhones and iPads. Their own Passwords app. Bitwarden It's also a popular free password manager. This allows you to access your passwords from your phone.
“Especially if they're not very tech-savvy, it can help them sit down with their loved ones and set a master password; installing browser plugins; Creating and saving new passwords — starting with financial or healthcare sites — and logging in and out of a password manager,” Condon said.
A common fear, Condon says, is the fear of forgetting or losing the master password that locks your password manager from outsiders. Some people choose to write down a copy of their master password and keep it somewhere in their home for safekeeping.
“In my experience, It's far less risky to write down a master password somewhere in your home than to reuse easily guessed passwords,” Condon said.
Multi-factor authentication can save the day.
A password alone isn't enough to protect your accounts from intruders. Some The biggest hacks of 2024 Maybe it's because corporate giants forget to implement basic security features like multi-factor authentication (or MFA), which allows hackers to log in instantly with a stolen password.
Having a second layer of security on your online accounts, such as MFA (also known as two-factor), makes it more difficult for someone with your password to access your account. MFA works by sending an additional second code via text message to the device you own or asking you to generate a code in an authentication app.
“Whether it's a code or a text message. “Especially for essential accounts like your email address account — help unlock a code or text message — which is the key to the castle for all your other accounts,” Tobac said.
Tobac recommends locking your phone carrier's account with MFA; Because — just like your email account — if you forget your password, anyone with access to your phone number can access the linked online account. That's why some prefer to use an authentication app generated on a device instead of sending a text message (which can be intercepted) to their phone.
There are many authenticator apps. It is a popular choice. Duo mobileIt's a simple app that generates second-factor codes while having an optional cloud backup in case you lose access to your phone.
Remember, any MFA is better.
Be 'politely paranoid' on the phone.
“Another thing I regularly encounter is spam texts, phone calls, emails, notifications, visiting dangerous websites or logging in and providing personal data,” Condon said.
Often, Allowing calls to voicemail is an effective way to avoid fraud and scams. Even with caller ID. The phone calls make it difficult to know for sure. Who is legit talking to you?.
Tobac suggests. “civilized paranoia”; A way for people and companies to verify who they are by using a different method of communication before handing over potentially harmful information, such as a credit card number or password. Tobac explained that if you get a call from your bank to say there are outstanding charges on your account, you can politely hang up and call back using the valid number on your bank card.
The same goes for any callers who may ask for information but aren't sure who it is. The organization's website to check for yourself before taking any action. You can check the app or secure message inbox.
By bookmarking those common websites in the browser for easy access, your relatives can confirm any doubts in seconds.
“Help your loved one remember to send secure messages or check account transactions so they can access them safely.” Condon “Show how to navigate to those websites via pinned bookmarks or browser shortcuts.”
password manager; Multi-factor authentication and “polite paranoia” on the phone are the simplest and most effective roadblocks for malicious hackers. Ensuring a foundation of cybersecurity (and understanding the importance of your loved ones) is a great place to start with friends and family, Tobac said.
“This is the best gift they can give,” Tobac said. “A gift that cannot be stolen”