Top 5 tips from cybersecurity experts on staying safe online
Update your computer and software
Google found that this was the biggest difference between experts and normal internet users, with 35 per cent of the former group always installing updates, compared to only 2 per cent of the latter.
'Password' is not a password
Use a password manager
Remembering different passwords for six dozen different services is an impossible feat, and may lead to insecure behaviour like writing them all down on a file that could be leaked (as an engineer at Hacking Team reportedly did). Using a password manager like LastPass, 1Password or Keepass is the secure, safe(r) way of doing that. "Password managers change the whole calculus, because they make it possible to have strong and unique passwords," one security expert told the Google researchers. Of course, password managers present their own potential risks, LastPass suffered a security breach in June, and while no customer passwords were leaked, the attractiveness of such services as targets for hacking is obvious.
Enable two-factor authentication
Two-factor authentication is becoming increasingly common, with most popular apps – Facebook, Google, Twitter, etc – offering it and even encouraging users to turn it on. 2FA works by adding a second layer of security in addition to a password, meaning for example that you may have to generate a code using an app on your phone in order to login to your email service. More than 80 per cent of the experts in the Google study said they used 2FA on all their accounts.
Avoid insecure websites and dodgy emails
Security experts encouraged people to avoid clicking on links in emails from people they didn't know, and to be wary of visiting unknown websites, particularly if they request personal data. When users do visit an unknown site, as everyone does at times, the experts said to look out for the secure connection protocol HTTPS (which is indicated in the browser's URL bar) before entering any information, especially payment services. Using HTTPS was the third most mentioned security practice among experts.