Are you worried about cyber security, but intimidated by the challenge of improving things?
Our advice follows the UK’s National Cyber Security Centre (NCSC) Cyber Aware guidance, with an extra emphasis on protecting social media accounts because of the crime types being reported by individuals
Use a strong and different password for your email using 3 random words
Your email password should be strong and different from all your other passwords. Your main email account is the key to your digital life, where important emails including password reset requests get sent.
Combining 3 random words that each mean something to you is a great way to create a password that is easy to remember but hard to crack. The key to a strong password is achieving the greatest length while still being able to remember it. We would encourage you to try and achieve a password that is 13 characters or more in length.
Do not use words that can be guessed (like your pet’s name) or words that are obvious from your interests shared on social media. You can include numbers and symbols if needed by the site, but achieving a long password is more important.
Turn on 2-Step Verification (2SV) for your email and social media
2-Step Verification (2SV) gives you twice the protection so even if cyber criminals have your password, they can’t access your email or your social media account. Criminals obtain passwords by phishing you – that is, tricking you into handing it over – or by getting your password in a data breach on another site where you’ve used the same password.
2SV works by asking for more information to prove your identity. For example, getting a code sent to your phone when you sign in using a new device or change settings such as your password. The more robust form is 2-Factor Authentication (2FA) also known as Multi-Factor Authentication (MFA) which involves using authenticator apps or tokens.
Start using a Password Manager for most Passwords
We’re often told that the passwords for our online accounts should be really strong, and to not use the same password anywhere else. Especially for those important accounts like email, banking, shopping and social media.
The trouble is, most of us have lots of online accounts, so creating different passwords for all of them (and remembering them) is hard.
This is where a password manager can help. A password manager (or a web browser) can store all your passwords securely, so you don’t have to worry about remembering them. This allows you to use unique, strong passwords for all your important accounts (rather than using the same password for all of them, which you should never do).
Back up your data
A backup is a copy of your important data that’s stored in a separate safe location, usually on the internet (known as cloud storage), or on removable media (such as USB stick, SD card, or external hard drive).
Once you’ve made a backup, if you lose access to your original data, you can restore a copy of it from the backup.
Most backup solutions allow you to chose what data is backed up, whether that’s just documents and photos and videos, or the entire contents of your phone/computer (including the apps and programs you use).
As a rule of thumb, you should back up anything that you value. That is, anything that would inconvenience you – for whatever reason – if you could no longer access it.
Install the latest software and app updates
Applying security updates promptly will help protect your devices and accounts from cyber criminals.
You should apply updates to your apps and your device’s software as soon as they are available. Updates include protection from viruses and other kinds of malware, and will often include improvements and new features.
If you receive a prompt to update your device (or apps), don’t ignore it. Applying these updates is one of the most important (and quickest) things you can do to keep yourself safe online.
You should also turn on ‘automatic updates’ in your device’s settings, if available. This will mean you do not have to remember to apply updates.
NCSC Action Plan
Answer a few simple questions to get a free personalised action plan that lists what you can do right now to protect against cyber attack.