An Idiot’s Guide To Computer Security [Comic]

Most computer security mishaps are a result of human error. Sure, systems can fail. However, most of the time, humans are the weak link. When it comes to digital security, the best tips are often the simplest. Here’s our top 6:

[Comic: computer-security-comic]

This comic was created by Safely Endangered comics for the Toggl Team – the people behind the world’s no. 1 time-tracking app. So what are these tips really about? Well, let’s break them down:

1. Use strong passwords

We know, you’ve heard it a million times. But maybe this time it will stick.

Using a series of random words makes for a much more secure password than a jumble of letters and numbers. It makes the passwords you do need to remember (like the one to your password manager) more secure. It takes a computer much longer to guess full words than random letter scrambles.

Opening a dictionary and just picking words at random is a good strategy. Want to know more about what makes a good password? Check out this XKCD comic:

[Comic: password_strength (XKCD)]
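Picking the words with a cryptographic random source, and counting what the result costs an attacker who already knows the word list, looks like this. This is an added example, not part of the original article; the 16-word list is constructed so the block runs offline, and the function names are illustrative.

```python
import math
import secrets

# Constructed sample list (assumption for this example). A real list should hold
# thousands of words; the EFF long list used for dice-based passphrases has 7776.
SAMPLE_WORDS = [
    "anchor", "basil", "copper", "drift", "ember", "fable", "glacier", "harbor",
    "ivory", "juniper", "kettle", "lantern", "meadow", "nectar", "orbit", "pebble",
]

def make_passphrase(words, count=4, sep=" "):
    """Pick `count` words uniformly at random using the OS CSPRNG."""
    unique = sorted(set(words))
    if len(unique) < 2:
        raise ValueError("word list needs at least two distinct words")
    return sep.join(secrets.choice(unique) for _ in range(count))

def entropy_bits(list_size, count):
    """Entropy in bits when the attacker knows the list and the word count."""
    return count * math.log2(list_size)

def words_needed(list_size, target_bits):
    """Smallest number of words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))

if __name__ == "__main__":
    print("sample passphrase:", make_passphrase(SAMPLE_WORDS))
    for size in (len(SAMPLE_WORDS), 7776):
        print(f"{size:>5}-word list: 4 words = {entropy_bits(size, 4):.1f} bits, "
              f"{words_needed(size, 64)} words needed for 64 bits")
```

The strength comes from the size of the list and the number of words drawn, not from the words being obscure, so a short list like the sample one is only good for demonstration.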

2. Don’t reuse passwords

Don’t just use a variation of the same password. If someone guesses one password, then a computer can easily guess your variations, which makes them highly insecure. See the comic above for more info.

3. Use a password manager

Let’s face it: your brain is a dummy. It won’t be able to remember plenty of good passwords. And after all, the best passwords are the ones you don’t remember. A password manager is the only way to have a wide variety of truly secure passwords.

Password managers are easy to use, cheap or free, and can save major frustrations in the long run. Worried about what could happen if someone gets the password to your password manager? This is a common reason cited for not using managers, and it’s a bad one at that. Why?

Most password managers use multiple login verification steps. So if someone did get your password, they still wouldn’t be able to log in. Good managers will also have the option to enable 2-factor authentication. Don’t know what that is? Skip down to #5 for more info.

4. Look at URLs

Never enter personal information before knowing that you’re on the correct site. Phishing is one of the easiest ways for hackers to get your information. What is phishing?

Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details for malicious reasons by posing, in an electronic communication, as a trustworthy entity (such as a site you know and trust with your information).

Always check URLs before you click on links (in emails and online). Make sure you’re on the right page when you enter login information. After all, it could be just a fancy copycat.
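What "checking the URL" means in practice is reading the hostname the browser will actually connect to, not just spotting a familiar name somewhere in the link. This is an added example, not part of the original article; example.com stands in for the site you trust, and all sample links are constructed.

```python
from urllib.parse import urlsplit

def host_of(url):
    """Return the lowercased hostname a browser would connect to, or None."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname
    except ValueError:  # malformed address, e.g. an unclosed "[" bracket
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    return host.rstrip(".").lower()

def check_link(url, trusted_domain):
    """Compare a link's real hostname with the domain the reader expects."""
    host = host_of(url)
    if host is None:
        return "reject: not a web link"
    # Only the exact domain or a true subdomain of it counts as the real site.
    if host == trusted_domain or host.endswith("." + trusted_domain):
        return "ok"
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return "suspicious: internationalised hostname may imitate ASCII letters"
    if trusted_domain in url.lower():
        return "suspicious: trusted name appears, but the host is another domain"
    return "untrusted: different site"

# Constructed sample links (assumptions for this example).
SAMPLES = [
    "https://login.example.com/signin",               # real subdomain
    "https://example.com.account-check.test/signin",  # trusted name as a prefix
    "https://example.com@account-check.test/",        # trusted name before "@"
    "https://notexample.com/",                        # trusted name as a suffix
    "https://ex\u0430mple.com/login",                 # Cyrillic "a" lookalike
    "https://other.test/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{check_link(link, 'example.com'):68} {link}")
```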

5. Don’t allow physical access to your machine

This one is a bit different from the rest. The physical security of devices is important partially because people don’t often think of it when they hear ‘digital security.’ Your actual physical phone or computer tends to be where you let your guard down.

If you have an unlocked device, it wouldn’t take much time for someone to install programs that do tons of fun malicious things (like tracking your keystrokes to get your passwords) without your knowledge. Make sure you lock your computer when you leave it and always protect it, and your other devices, with secure passwords.

6. Enable 2 Factor Authentication

If someone steals your password, then 2FA can prevent them from logging into all your precious accounts. 2 Factor Authentication means that you’ll need 2 devices to log in. Generally, the devices are a cellphone and a computer. Your first device (let’s say your computer) will need a token (generally a string of random numbers or letters) that you can retrieve from an app on your phone.

Enter it after your password and you’re in your account. Don’t have the second code? No dice. This helps prevent strangers from getting into your accounts. Unless someone takes your phone, then you may be screwed.

We don’t mean to worry you and by no means should you throw your computer out the window in an attempt to rid yourself of this threatening digital world to which you’ve just been exposed. Instead, we’d like you to think of the internet as a busy city.

It’s somewhere you can go and experience amazing things. Sure, there are bad things that happen. But as long as you know what to look for and approach your activities with warranted caution, you’ll be able to still have those experiences that drew you there initially.

Now go change your passwords.

By On April 19, 2018

  1. Talking about passwords… Have you ever heard of things called dictionaries? I mean, for brute force attacks…? Please don’t mislead people to stupidly place 4 common words as a password, it’s like placing 4 letters…

    • Hi Yuri – Emma here. Most services that offer 2FA will also have backup codes. So if you lose your phones or otherwise can’t get codes via text, voice call, or an authenticator application, then you’ll be able to still log in with those downloaded codes. Hope that helps!