01. Use multi-factor authentication (MFA, also seen as 2FA).
There is a great website that identifies whether an application you use supports MFA: twofactorauth.org. MFA combines two or more of the following factors:
Something you know (e.g., passwords or passphrases)
Something you have (e.g., Authy or RSA tokens)
Something you are (e.g., fingerprints)
02. Set all passwords to be unique.
Do not share a password with anyone, and do not reuse it across accounts. If you have an account with an organization that has been breached or has disclosed that it lost passwords, change your password ASAP.
03. Set passwords to be 15 characters or longer.
Change all default passwords, for example the one on your home ISP router.
04. Store your password in a safe place.
Use a software program called a password safe to store your passwords. I usually recommend LastPass, KeePass or 1Password.
05. Update all software.
If you installed it, update it, on all your devices.
06. Endpoint protection.
Wherever possible, use an anti-virus (AV) program and a personal firewall. Avoid free Wi-Fi and public computers. Be very careful with USB thumb drives; they might contain malware.
07. Be aware and cautious of social engineering (SE).
Social engineering is persuading someone to do something they otherwise would not do. Ask a lot of questions if you suspect you are being social engineered. A good social engineer will get very manipulative, so don't be surprised. SE can be done in person (physically), over the phone (vishing), and via email (phishing; never click on links or open attachments before verifying the source).
Questions? Connect and send them to me on LinkedIn