In our latest Top Tips blog, we are diving into how you can make your social media accounts secure. Are you making it a challenge for hackers, or have you opted for quick and easy passwords?
Let’s address the facts head on, the majority of us have stuck to the same passwords for years, mixing up pets' names, phone numbers and birthdays for multiple accounts. This behaviour can increase the chances a hacker could easily guess your account details and gain access to your precious personal information.
The significance of employing strong passwords means that you are protected from data breaches. Hackers want to steal passwords because they have a monetary value and can be sold on to other cybercriminals or as ransom. This could become the gateway they need to infiltrate other university systems.
Fast facts.
59% of people use the same password everywhere
90% of passwords can be cracked in less than six hours
There is a hacker attack every 39 seconds
Scary stuff...
So, what can I do to protect myself?
Create a strong password
This is your first line of defence and it's best to make your password long. This is the most critical factor. Make your password a minimum of 15 characters, more if possible. At the same time, use a mix of characters. The more you mix up letters (upper-case and lower-case), numbers, and symbols, the more potent your password is, and the harder it is for a brute force attack to crack it.
Two-factor authentication (2FA)
Activating two-factor authentication on your social accounts adds a second layer of protection beyond your strong password. 2FA is available on the vast majority of social networks and online sites (Amazon, Google, Dropbox etc.). This method gives you an extra layer of security that will make life difficult for hackers. This is a feature we highly recommend to ensure your accounts are kept safe.
This Verge article breaks down all the main sites that use 2FA and how to activate it.
Regularly refresh your passwords
You should aim to change your password at least twice a year to ensure your account is secure.
Avoid common substitutions.
Password thieves are onto your bad habits of using common substitutions in your passwords. Whether you use APPLEPIE or 4PP1EP13, the brute force attacker will crack it with equal ease. These days, random character placement is much more effective than common numerical replacement.
Don't overuse a password
Having a strong password is great, but if it's repeated multiple times on all your social media accounts the likelihood of every account being exposed in a data leak greatly increases. Also, resist the temptation to cycle through passwords, for example, if you forget your password and change it from “NeonC4ffeine.” to “NeonC4ffeine2”. This is a prime example of poor password management.
Don’t write it down…use password management tools
It's always good to limit who has the passwords to your accounts, particularly if you work in a team who can all post on your accounts. If you don't have a social media management platform (e.g. Falcon, Sprout Social, etc.) to manage user access, you could use a password management tool (e.g. Bitwarden, LastPass, etc.)
These sites secure your passwords and usernames in a list format and are encrypted, meaning your passwords are jumbled from plaintext to ciphertext. The benefit of this service is that you only need to remember the master password. Also, some of these sites offer an auto-fill option which is convenient and fast.
Be proactive, monitor your risks
'Have I been pwned' is a site that searches if your account has been exposed in a data breach. What's great about the site is that it tells you in which data breach your credentials were exposed. Click the link to see if your credentials have potentially been exposed and whether it's time to update them.
Be smart, be safe, make strong passwords.
About the Top Tips blog series
Nobody is perfect and sometimes our workloads can get in the way of doing everything 100% as it should be on social media. We'd love to hear from you about what topics you'd like us to cover. Get it touch on our contact page.