Friday, October 15, 2021
Media contact: Gail Ellis | Communications Specialist, Writer | 620-515-2498 | [email protected]
Much of the public lives online today, performing tasks such as shopping and banking to communicate with friends and family. While convenient, sharing information online is risky. October is Cyber Security Awareness Month, and there’s no better time for a reminder on how to play safe in the digital landscape.
A password is the gateway to any account, and the common practice of changing it is essential to protect private information, said Isaac Wallace, IT support specialist in the IT department for Oklahoma State University Agriculture.
“Your bank accounts, credit cards, Amazon account, credit score information and more are all accessible with a password, so if someone were to gain access to your account it could be devastating,” Wallace said.
It’s tempting to choose a password for multiple accounts that is easy to remember, but selecting the name of a family member, friend, or pet is strongly discouraged.
“I can go to a social media profile and find someone’s birthday, family, and friends just by doing a little sleuthing,” Wallace said. “Instead of easily guessable words, choose a unique, long, random password. It is exponentially more difficult for a hacker to crack a 24 character password with each additional character increasing security.
A password cracker can deploy several tricks to crack a code, including a method called a dictionary attack. Words commonly found in many passwords are collected in a dictionary that hackers use first when trying to identify a password.
Passwords are compromised by both automated bots and humans and range from major company-wide breaches to one-off security attacks. Often, stolen private data is sold and scattered across the Internet.
To reduce the potential for password discovery, Wallace recommended using a password manager that can store all passwords in a safe and secure online space and even generate new passwords when suspicious activity on the account is detected. Apple products offer the Keychain Password Manager, and both Google and Firefox have options built into their systems, such as Google Password Manager and Lockwise. Bitwarden, 1password, and LastPass are also commonly used.
“Password managers are a top target for hackers,” Wallace said. “Password managers will encrypt data for security reasons, but you should still create a good, strong password. ”
OSU Agriculture IT recommends choosing a password made up of random sentences, rather than individual words, accompanied by an uppercase letter, a few numbers and a few symbols. Password security practices may also include multi-factor authentication that requires confirmation of an account login on a second device. Another simple but smart way to increase account security is to pay attention to breaches in the news.
“If you don’t realize that a business you have an account for has been hacked and you don’t change your password, it stays exposed online for a week, two weeks, a year or as long until what you change her, “Wallace said. .
Comfortable on social networks
A password unlocks private information online, but what happens when someone voluntarily gives the details through social media? In a blog post earlier this month, Levi Arnold, computer scientist at OSU Agriculture, explained how safely use social media channels. While there are several social media platforms out there, Facebook is often the main offender in hacking because it is a heavily used medium.
“Facebook doesn’t delete information, so if the security settings aren’t turned on it’s easy to scroll through the years and see a lot of a person’s life,” said Arnold.
Facebook hacking, for example, can involve several steps. If an account is compromised via a stolen password or if the account password has been reset via one of the security questions, the account holder must reset their password or contact Facebook to lock the account as soon as possible. Hackers can also try to impersonate a Facebook user by creating an account that looks like someone’s original profile.
“In that case, changing your password won’t solve anything because it’s a completely different account,” Arnold said. “Contact Facebook immediately and explain that the second account is not you and the profile should be deleted immediately.”
Unfortunately, when a social media breach affects finances, bank accounts must be frozen. Then the painful and time-consuming process of starting over – contesting fees, changing passwords, and getting new account numbers.
Arnold said some employees at OSU County Extension Offices were scammed on social media when someone claiming to represent Facebook called and asked for credit card information.
“Facebook is never going to call and ask for a credit card number or password,” Arnold said. “The best advice on Facebook and social media is to be a little careful. If you see a strange message or someone sends you a questionable link, take a moment to ask yourself, “Why am I getting this? ”
Never answer online questionnaires that ask for details about birthdays, friends, family, and other life events, and never publicly share schedules or addresses. Arnold blog post in honor of Cyber Security Awareness Month covers more details on how social media users can protect their identity.
“It’s easy to take preventative action, but once your information is available it’s almost impossible to get it back,” he said.
Many cybersecurity blog posts are available from OSU Agriculture IT.