I’ve been continuing to deliver free digital skills workshops to older Bournville Village Trust residents at Shenley Court Hall. This month’s workshops have focused on staying safe online. Here are some straightforward tips for improving your online security today.
Download software updates
Renowned security technologist Bruce Schneier famously said, “security is a process, not a product“. I’d go one step further and say security is about re-training your brain into good habits.
One of the best habits you can adopt is to agree to rather than ignore the system and app updates your computer, tablet or smartphone will regularly ask you to install. Software updates provide important security upgrades, patching the vulnerabilities criminals use to access your system. Upgrading your software also usually brings with it the latest useful features.
While nowadays most devices will alert you when new updates are available, it’s still worth checking manually from time to time, especially if it’s been a while since you last installed an update. Every system handles updates in their own way. Check out the government’s Cyber Aware website for step-by-step advice.
Prompts to update software rarely come at a convenient time. Rather than shelve the update altogether, make it a habit to check and run updates before you shut down your device or overnight in the case of your mobile phone. Doing this once a week or even once a month will make a big difference to your online security.
Use strong passwords
The other key message I delivered in my workshops was to use strong passwords.
In the past people have been given lots of weird and wonderful advice such as using a combination of upper and lower case letters, numbers and even symbols. Unfortunately, this advice has largely had the effect of encouraging us to choose passwords which are hard for us to remember but are still easily hacked.
I’m pleased to say the government’s current advice is a lot more user-friendly and recommends we choose three random words and combine these into a single password. Choosing real-world words makes it easier for people to remember while the combination of three random words creates a long password that all but the most determined hacker will struggle to guess.
Learners at my workshop were a little taken aback at what was involved in setting a strong password and were refreshingly honest about how weak their current passwords are.
If you find yourself in the same boat I recommend you start my making a list of all the online accounts your currently have and what passwords you use for them. Once you’ve done that, start to work your way through your list, starting with your most important accounts (which will generally be your email and banking accounts, followed by social media).
Use unique passwords
Along with using weak passwords, another major risk comes from re-using the same password for multiple accounts. That way, if a hacker compromises your Netflix account, for example, they’ve got a good chance of also accessing your email and social media.
Many of the older people I have been teaching struggled to remember their passwords and so were tempted to re-use simple, easy to remember passwords despite knowing the risks. To get around this problem, I encouraged them to write down their passwords in a notebook and keep them in a safe place at home, ideally without listing the email address or username associated with each account. Online security is about weighing up risks so if a notebook allows you to use strong, unique passwords, the benefits of doing so most likely outweigh the risks of a burglar finding your notebook and using it to access your online accounts.
Password managers are a digital alternative to keeping your passwords in a notebook. I use LastPass to store my passwords, which means I only have to remember one single ‘master password’. Password managers will also help you set strong passwords and populate online forms with your login details, saving you time. LastPass is a popular option but other managers are available. Simply search online or via your device’s app store for more options.
Use two-factor authentication
With just two hours per workshop, I focused on the two key messages from the government’s Cyber Aware campaign: software updates and strong passwords. Had I more time, I would also have encouraged learners to use two-factor authentication to secure their email and other important online accounts.
Two-factor authentication (sometimes known as 2-step) describes systems which require users to provide two forms of proof that they are authorised to access an online service. In addition to their usual password, users are prompted to enter a code, which is often sent to them via a text message or similar notification system.
My learners had already taken onboard a lot of information since joining as absolute beginners in February and probably would have struggled to get to grips with two-factor in a single workshop. If you’ve already addressed software updates and strong passwords, please check out a blog I wrote last year on how to use two-factor to take your online security up another level.