Let's Chat

0416 030 503

9:00 to 17:00 - Mon to Fri

Icewolf Staff

11 Jul.12 min read

Security

Online Account Protection

Welcome to the digital age, where everything from your morning coffee order to your deepest secrets is online. But with great convenience comes great responsibility. Let's dive into the wild world of personal cyber security and learn how to protect your online accounts. Buckle up, it's going to be a fun ride!

In this article I will cover


How Stressful a Breach Can Be and Why You Should Secure Your Accounts

Picture this: you wake up one morning, grab your phone, and see dozens of suspicious emails. Your heart races, and you break out in a cold sweat. Yep, your account has been breached. It's like finding your front door wide open with all your valuables gone. Stressful, right? That's why it's crucial to secure your accounts.

As the saying goes, "An ounce of prevention is worth a pound of cure." Securing your accounts not only saves you from potential financial loss but also from the emotional toll of a breach. So, let's get to it!

Have a Strong Unique Password for Each Account

Using "password123" for all your accounts? Mate, you might as well leave the key under the doormat! Each account should have a strong, unique password. Think of it as a unique lock for each door in your digital mansion.

What Makes a Strong Password?

A strong password:

  • Is at least 12 characters long.
  • Uses a mix of uppercase letters, lowercase letters, numbers, and special characters.
  • Doesn’t use easy-to-guess info like your name or simple patterns like "123".

Example of a Strong Password

Here’s a strong password: "4$xA&9zP*Qw3(LrT"

How Long Would It Take to Break?

Breaking a password depends on how strong it is. Here’s a rough idea:

  • Brute Force Attack: This is like trying every possible combination until the right one is found. With a very strong computer, it could take hundreds of years to break our example password.
  • Dictionary Attack: This method tries common words and simple passwords. Since "4$xA&9zP*Qw3(LrT" is random, it’s very hard to guess this way.

How Safe is Our Example Password?

  • Length: 16 characters long.
  • Complexity: Uses a mix of different types of characters.

With today’s technology, breaking `4$xA&9zP*Qw3(LrT` would take 100's of years, meaning it's very safe.

Consider using a password manager like LastPass or 1Password. These tools store and generate complex passwords, so you don't have to remember them. Easy peasy!

Always Use Two-Factor Authentication (2Auth) for Every Account

Two-factor authentication (2FA) is like having a bouncer outside your club. Even if someone manages to get past the first line of defense (your password), they still need to get through another layer of security. This second layer significantly enhances the security of your accounts by requiring not only something you know (your password) but also something you have or something you are.

When it comes to implementing 2FA, there are several reliable options to choose from. Google Authenticator and Authy are two popular choices, each offering unique features suited to different needs.

Google or Microsoft Authenticator

Google Authenticator is one of the most widely used 2FA apps available. It's straightforward and integrates seamlessly with many services, notably those in the Google ecosystem. Once you've set it up, the app will generate a time-based one-time password (TOTP) every 30 seconds. This means any hacker would need temporary possession of both your login credentials and your mobile device to gain access.

Advantages of Google or Microsoft Authenticator:

  • Simplicity: Easy to set up and use.
  • Compatibility: Works with numerous services and websites.
  • Privacy: No account registration required, minimizing data sharing.


This solution doesn't come without risk:

If you lose your phone, recovering

To prevent this you can use backup codes or sync with multiple devices. These solutions also have their own risk and complexities.

Bruteforce & Dictionary Attacks: How an Alias Login Can Save Your Old Email Account

Bruteforce and dictionary attacks are like a thief trying every key on a keyring until one fits. An alias login can be your secret weapon. Instead of using your main email address, create an alias for logging into accounts. This simple step can throw off potential attackers and protect your main email.

Create an alias like "your-login-email@example.com" for logging into accounts to protect your main email address (yourname@example.com) from potential security threats and spam. Remember you'll need to set up the emailing platform you use Hotmail or Gmail to login with an alias only.

DO NOT! Download or install a plugin in your browser to view a video

Downloading a plugin to view a video can present significant security risks. Malicious software like malware, spyware, or viruses can hide within these plugins, compromising your device and potentially providing attackers with unauthorized access to your personal information and system functionalities.

Privacy concerns are equally serious. Some plugins secretly collect data, tracking your browsing habits and harvesting sensitive information such as passwords and credit card numbers. This data can be misused or sold, putting your privacy at risk. It's safer to rely on modern browsers and reputable websites that support video playback without requiring additional plugins.

Social Media: Do Not Use Apps or Sign In to Unknown Platforms

Social media is a playground for cybercriminals. Avoid using apps or signing in to unknown platforms through your social media accounts. It’s like handing your keys to a stranger and hoping for the best. Stick to trusted platforms and always log out after use.

Protect your information by avoiding Facebook Apps from unknown developers or companies, as most stolen information on Facebook comes from using these apps.

Phishing Scams: Understanding URLs

Phishing scams are like fishing for digital dummies. Scammers send emails with links that look legit but lead to malicious sites. Always hover over URLs to see where they lead before clicking. If it looks fishy, it probably is. 

Example of a phasing scam URL:

www.yourbank.com.confirmation-verifyaccount1234567890.scamwebsite.com

How Scammers Send Emails That Look Like Your Email Address

Ever received an email that looks like it's from yourself? Scammers can spoof your email address using hacked websites and other nefarious methods. Always verify the sender's email and be cautious of unexpected attachments or links.

Avoid clicking on links in your email to prevent falling victim to phishing scams or malware attacks. Stay safe online by verifying the sender and URL before clicking.

If you are concerned about your account log in from the correct URL in your browser www.yourbank.com

Summary and Disclaimer

Cyber security is about doing your best to protect yourself. While no method is foolproof, these steps can significantly reduce your risk. Stay vigilant, stay informed, and remember: an ounce of prevention is worth a pound of cure.

For more tips on maintaining a secure online presence, check out our Secure Website Forms blog post.

Stay safe out there, digital warrior!