Image: Threats and Attacks Against Your Network, Aries Institute of Technology
Yesterday’s Tip #15 mapped out the perils of sharing your password and why it’s important to have a robust and different password for each of your accounts. Today, we offer some tips for creating a strong, secure password.
- Don’t use one password across multiple accounts. It’s possible that an employee at a site where you use that password could share it or use it to break into your accounts at other sites.
- Create passwords that are at least 8 characters long. The longer the better; lengthier passwords are harder for thieves to crack.
- Avoid using simple dictionary words. If it’s in the dictionary, someone might guess your password. There’s even software that criminals use to test for real words used in passwords.
- Infuse numbers, capital letters and symbols into your password. Consider using a $ instead of an S or a 1 instead of an L, or including an & or %. *Note that “$1ngle” is NOT a good password. Password thieves are onto this. But something like “Mf$1avng” (short for “My friend Sam is a very nice guy”) is an excellent password.
- Don’t post your password out in the open. This might seem fairly obvious, but studies show that many people post their password on their monitor with a sticky note. Not a good idea! If you feel that you must write your password down, hide the note somewhere where no one can find it.
- And of course, never tell anyone your password. Never give it to friends, even if they’re your best friends. A friend might – perhaps even accidentally – pass your password along to others or become an enemy and abuse it.
Our website has more details about Fordham University’s password policies and guidelines.
By Nicole Kagan, Fordham IT News Editor
Your car needs regular servicing to keep it in good condition. Your computer, mobile devices, and software applications need regular “check-ups,” as well.
When your computer, mobile device, or software application requires an update, make sure it gets done. Attackers look for security loopholes in operating systems and the software that runs on them. These gaps need closing in order to make sure your system and personal information are safe.
The newest version of any operating system—be it Microsoft Windows, Apple Mac OS X, or Linux—is generally the safest to use. When a security patch or update is released, seriously consider upgrading, unless you’ve been instructed otherwise. (If Fordham IT believes a new version will be incompatible with some of the University systems, the community is asked to wait to update for a short time while we run tests.)
Similarly, every piece of software installed on your system may need updating from time to time, to close known security holes. Software that needs frequent updating includes the common applications that allow you view online content, read PDF files, or watch videos. Since Java, Adobe Reader, and Flash are installed on millions of computers, their popularity makes them a common target for attackers. For more information about the latest updates, go to their company’s respective websites.
Lastly, it’s essential to update your anti-virus software and to always use the most updated version of your web browser to avoid falling victim to infected websites. Fordham University offers free antivirus protection to all students, faculty and staff. More information about antivirus protection is on our website.
1937 Map of the Bronx
When you got back from vacation, your friends looked at you with amazement and admiration: You went to the Louvre in Paris, the Forum in Rome, AND you ran the Great Wall Marathon in China. They know this because every time you stopped for a croissant, a dish of pasta, an egg roll, or to tie your sneakers, you geotagged your location on all your social networks.
Location tagging or geotagging yourself on social networks is never safe. While it might look cool that you’re visiting iconic places or doing incredible feats (or just mundane things), at the same time, you risk cluing in a stalker about exactly where to find you, or telling a thief that you’re not home.
Whenever you geotag, you’re not only talking to a small group of friends. You may potentially be talking to anyone on the Internet. In general, location tagging is not a safe feature to activate, so do your best to avoid it.
Read more about geotagging on The Daily Beast.
Image: Charles Clegg, Flickr
Always remember: there is no permanent “delete” button on the Internet. Once you’ve posted information about what you’re doing or where you’ve just been, it’s easy for attackers to seize your personal information and take advantage of you. Even if you’ve deleted your post, chances are someone saw your information, and that it’s circling somewhere on the web.
Search engines like Google and Bing make a copy of every single webpage, for example, which they then index and essentially freeze those pages in time, unless they’re refreshed by your browser. Archival services like the Internet Wayback Machine take snapshots of as many sites as they can for research purposes, and the Library of Congress receives regular archival copies of the entire public Twitter universe. Every single Tweet!
Be wary that once you post, people might be able to target you, even if you’ve deleted something from a social media site. Thieves could know that you’re out of town and rob your empty house, or they might choose to snag information off the boarding pass photo you just posted and deleted on Instagram.
So long story short, think twice before publishing sensitive information on the web. Make sure that what you’re posting won’t allow someone to take advantage of you.
Resource: The Internet Doesn’t Have a Delete Key.
Everyone has unique fingerprints. The images above shows work by Cheryl Sorg, an artist who creates portraits of people’s thumbprints.
Identity theft happens when someone accesses your personal information and uses it without your permission and for their personal gain. Information that can be stolen and used includes bank account numbers, credit card numbers, utility bills, and health insurance policies. Someone with your personally identifiable information (PII) can even file a tax refund in your name and get your refund. There’s even been cases where a thief gives another person’s name during an arrest.
To protect yourself against identity theft, be vigilant about sharing your personal information. Guard your passwords like you do your wallet and any sensitive information.
If your identity is stolen, having a good plan to address the situation will help minimize the effects. Identitytheft.gov outlines a plan, which is summarized below. Also, contact Fordham’s IT Customer Care. They’re prepared to help you figure out what your next steps should be.
Step 1: Call the companies where you know fraud occurred.
Step 2: Place a fraud alert and get your credit report.
Step 3: Report identity theft to the FTC.
Step 4: File a report with your local police department.
Step 1: Close new accounts opened in your name.
Step 2: Remove bogus charges from your accounts.
Step 3: Correct your credit report.
Step 4: Consider adding an extended fraud alert or credit freeze.
Identitytheft.gov lists other steps for specific situations, as well, such as tax-related identity theft, resolving child identity theft, and replacing government-issued issues.
John_Smith. Fordham_Baby_Girl. Tatiana19. Fordham_QB_52
When selecting a screen name, avoid a name that might identify you. Even an identifier that partially reveals who you are, like some of the examples in the list of screen names above, can be combined with other online information about you. Together, that information might lead someone to discover your identity.
Use different screen names for different applications; it makes it more difficult for strangers to stalk you. Be safe and smart when you’re online! Choose a screen name that won’t reveal who you are or potentially embarrass you around relatives, future employers, or school admissions officials.
Read WikiHow’s article on choosing a safe screen name.
Image credit: DHGate, DIY Hand Painted Halloween Masks
Whenever you post information about yourself online, be cautious about what you share. Even if you don’t post your exact address, related information can lead a stranger with bad intentions directly to you. For example, the name of your neighborhood and school, the bus or subway routes you take, and even a description or picture of your home may give away lots of clear details about where you live.
Anything you post, even if you delete it later, should always be considered permanent. That means not just a picture of your front yard, but pictures of yourself at a party in a not-so-pretty state (wearing a priceless Tiffany lamp shade on your head, for example). If you don’t want your relatives, future employers, school admissions officials, or strangers to see certain pictures of yourself or find out details about your life, then don’t post.
Less is more. Play it safe, and you won’t have anything to regret later on.
Read more about Cyber Security Awareness Month.
A recent survey conducted by consumer reports indicates that Americans are still not getting the message about protecting their personal information despite recent data breaches. Consumer Reports said that one in seven US residents, or about 45 million people, received some kind of notice that their personal data was compromised.
Learn how your privacy can be compromised:
Facebook has finally added a new feature to browse the popular social network on a secure connection. However, it is not yet turned on by default.
Facebook offers HTTPS browsing, but not yet by default ZDNet