Email security tips

One of the biggest news stories of the recent USA election process is the hacking and WikiLeaks release of the Hillary Clinton advisor emails. Who carried out these hacks, and why, is not relevant to this article, but how they were carried out should be of concern to every email user, whether you are running for President or not.

If the advice below had been followed, then it is very unlikely that these email accounts would have ever been compromised.

  • Use a strong password

    A strong password is difficult to break by ‘brute force’. In the case of the Hillary Clinton emails, it would appear that the password being used by the political advisor (John Podesta) was ‘guessed’. This does not usually mean that the hacker manually attempted to guess the password (although they would have tried the usual ‘weak passwords’ such as ‘password’ or ‘pa55word’ first).

    Brute force hacking is usually carried out by an app/program running on a computer or multiple computers, which attempts thousands of passwords per minute until it guesses correctly. These programs may take considerable time to guess the password, but they are usually successful if the password is not strong enough.

    Example of a strong password: 59(t£gsT&9hZ4#h3 (Yes, incredibly impractical, but this is a good example of the type of password you should be using.)

  • Weak passwords

    Weak passwords are usually made up from real words and names, sometimes prefixed by numbers, e.g. 1781Roses, or with numbers substituting the letters, e.g. W1ndm1ll or Ph0n3.

    These weak passwords are very easy for hackers to guess; in fact, most brute force hacking apps will try number substitution very early on in the hacking process.

  • Use unique passwords

    It is important to use a different password for each system, i.e. you should never use the same password for your email as you do for Twitter or Facebook. If you do, then it is very easy for the hacker to hijack your other accounts.

  • Turn on two-factor authentication

    Sounds technical, but in fact it is simply an additional layer of security that ensures that no other devices can access your account. Even if the hacker has discovered the password, they will still need the code that will get sent to your phone via text message.

  • Watch out for phishing sites

    Phishing works like this: The hacker sends an email which looks legitimate but is actually a fake. The end user clicks a link in the email which goes to a page that looks like the login page for their email account, bank, or an online system such as Dropbox. The user then enters the login and password thinking they are accessing their own account; however, without realizing it, they just gave their password to the hacker. Now the hacker can use this password to log in to the user's system and exploit it in any way they wish.
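The weak-password patterns described above (a real word with a number prefix, or with numbers substituted for letters) can be tested for when choosing a password. The following is an added example, not part of the original article; the word list, substitution table and function names are assumptions made for illustration.

```python
import re

# Constructed sample word list (assumption): a real check would load a large
# dictionary plus a list of passwords known from breaches.
COMMON_WORDS = ("password", "roses", "windmill", "phone", "dragon")

# For each letter, the characters commonly swapped in for it (assumption:
# a small illustrative table, not an exhaustive one).
SUBS = {"a": "a4@", "e": "e3", "i": "i1!", "l": "l1",
        "o": "o0", "s": "s5$", "t": "t7"}

# Digits and symbols bolted on before or after the word, e.g. "1781Roses".
PADDING = r"[\d\W_]*"


def _word_regex(word):
    """Build a regex matching the word with any mix of substitutions."""
    body = "".join("[" + re.escape(SUBS.get(c, c)) + "]" for c in word)
    return re.compile(PADDING + body + PADDING, re.IGNORECASE)


_COMPILED = {word: _word_regex(word) for word in COMMON_WORDS}


def matched_word(password):
    """Return the dictionary word hiding inside the password, or None.

    A match means the password is a real word dressed up with digits or
    substitutions, which the article describes as easy to guess.
    """
    for word, rx in _COMPILED.items():
        if rx.fullmatch(password):
            return word
    return None


if __name__ == "__main__":
    # Sample passwords taken from the article's own examples.
    for candidate in ("1781Roses", "W1ndm1ll", "Ph0n3", "pa55word",
                      "59(t£gsT&9hZ4#h3"):
        word = matched_word(candidate)
        verdict = "weak (based on '%s')" % word if word else "no dictionary word found"
        print("%-20s %s" % (candidate, verdict))
```

A password that passes this check is not automatically strong; the check only rejects the dictionary-based patterns listed above.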

Password Managers

The best advice we can give is to use a strong password and change it often. However, remembering and keeping track of all these passwords can turn into a nightmare!

Password managers are apps and services that keep track of all your passwords in a secure environment, ensuring that you never lose access to vital services. Many will also complete online password forms for you automatically, saving you having to type in those ultra strong passwords that are recommended.

Dashlane – www.dashlane.com/

Dashlane Password Manager and Digital Wallet offers password security and keeps it simple to log in to apps and websites. Free on 1 device; the paid-for service allows you to sync multiple devices.

LastPass – www.lastpass.com

Work faster and smarter. Let LastPass sign in to all of your online accounts for you. Get convenient access to your passwords anywhere you work, with automatic sync across every browser and device. Free on 1 device; the paid-for service allows you to sync multiple devices.

LogMeOnce – www.logmeonce.com

Syncs passwords across multiple devices. Free.

  • Change your passwords today!

    Your accounts may already have been compromised, so change them today. Then continue to change them on a regular basis. We know it’s a pain, but your online identity and financial stability could be at stake.

March 27th, 2017 | Categories: CloudSpark, Security, Tips and advice