Feb. 4, 2013 — -- LinkedIn Hacked: 6.4 Million User Passwords Stolen from LinkedIn Website. 250,000 Twitter Accounts Hacked. How a Hacker Used Amazon and Apple Loopholes to Destroy a Tech Writer's Online Life.
Those are just a few headlines we've published on this website in the six months.
Today is Safer Internet Day. We know, it sounds super-corny, like a training day in lab safety, but if you think back over the last year you can appreciate the importance of a day dedicated to protecting yourself online.
The online threats posed by hackers and other security holes are enough to make you want to hide under your desk or find the nearest fallout shelter. But it turns out that's not necessary (even though we did that in this video!). ABC News spoke to Google Security Princess Parisa Tabriz (that's her official title) and McAfee's Security Expert Robert Siciliano about some of their top security tips. There's no better day than today to heed their advice.
1. Use different passwords for every account.
Of course it's easier just to remember one password, but when has taking the easy route ever gotten you anywhere? When there is a large-scale password breech, as we saw with LinkedIn or Twitter, you can understand why having one password is the worst thing you can do. If the password and email address that you use for one account gets in the hands of the wrong person, they can start trying it on other sites and services. Make sure you use different passwords on different sites.
2. Make sure your passwords are strong.
You also have to make sure those passwords are good, hard-to-guess passwords. Siciliano suggests that you use a mix of upper- and lowercase letters and numbers. He also says that you should change your most important passwords at least once every six months and suggests using password-manager software so you don't have to memorize them all.
3. Set up two-factor authentication.
Google's Tabriz says two-factor authentication or two-step verification is something everyone should set up on his or her Google account. Other services provide similar security safeguards. (Twitter is said to be setting some up soon too.) The service provides an extra layer of security. When you sign into your account it requires you to enter another code, which you can only get via text or a voice call. This way no one can get into your account unless they have that piece too.
4. Don't reveal too much on social networks.
"Fifty years ago, the bad guy was the KGB. They were the mole on the inside. Today we, with social media, are the mole on the inside," Siciliano said. Siciliano says we are often providing enough information via social media profiles for hackers to figure out our passwords or answer those questions in the password reset tools. He recommends being very careful about what information you share in your public profile. "Lock down your settings and don't friend everyone who connects with you," he said.
5. Protect your computer and browser.
This one used to be the most obvious and probably still is. Make sure if you are using a Windows PC you are using an up-to-date anti-virus or spyware program. Whether you are a Mac or a PC user, make sure your operating system is up-to-date with the latest security patches. Google also recommends using Chrome (naturally, it is its own browser) and making sure you have the latest version.
6. Secure your wireless connection.
Just as important is protecting the way you get onto the Internet. Make sure you have protected your home wireless network with a password and you have changed the default SSID (your network's name) -- that means changing it from "Linksys" to something else. When connecting to public Wi-Fi networks be safe about what information you are sending over it. Siciliano recommends using HotSpot Shield, a program that determines the safety of the network.
7. Shop only at safe sites.
We went over some shopping safety tips around the holiday season, but make sure the site has a little padlock icon next to the address and it has an HTTPS address before putting in your credit card number. Siciliano also says keep a close eye on your credit card bills for suspicious charges. In addition, make sure to look at the site and make an educated decision about its legitimacy. Googling it also make sense to see if any others have had issues with it.
8. Think before clicking links.
Clicking links is second nature on the Internet, but Siciliano says we should be careful before we click those lines of text. "Anybody can create a template that looks like a bank and make it easy to click links and then access my computer or online account," he says. Be vigilant about what links you click in an email, especially when they come from companies. Also, don't click on odd direct messages or Facebook messages with links. If you're friends are sending exciting photos they aren't going to do it via a link.
9. Protect your phone with a password.
Your phone is now a computer and can have as much or even more personal information than your laptop or desktop. Both experts firmly advised you password-protect smartphones. Siciliano said that Android users should also consider security software or apps. McAfee provides an Antivirus and security app in Google's Play store.
10. Pay attention.
It might be obvious, but just remember that if you're using any Internet service or Web browser you have to be smart.
"You have to do the right thing and put systems in place -- you know it's raining, you put on a rain jacket," Siciliano said. "You're on the Internet, you protect yourself with the right tools."