Do you use the same password for everything? If you do, you're not alone. We all have bad cyber habits, whether it's reusing passwords or connecting to unsecured WiFi. These habits can make it easy for hackers to steal our personal information and use it for their own purposes - or they can sell it on the dark web for an easy profit.
These are habits you have to stop right now - and habits your employees need to stop too. After all, good cybersecurity practices are a group effort! But using the same password for everything or using simple passwords aren't the only things that are going to get you into trouble. Here are three more clear signs you're setting yourself up for a breach.
Sharing Your E-mail
Countless websites want your e-mail address. Sometimes it's not a big deal if you're sharing it with a vendor or e-commerce site. You want to ensure you receive invoices and shipping confirmation. But other websites just want you to sign up for special offers, notifications, e-mail newsletters and other inbox clutter. It sounds mostly harmless, but what they fail to tell you is the fact that they're going to sell your email address to advertisers and other third parties.
To make matters worse, you have no idea where your e-mail address will end up - or if it will fall into the wrong hands. Hackers are constantly on the lookout for e-mail addresses they can take advantage of. They use e-mail for several different kinds of cyberscams - most notably phishing scams. Hackers can even make it look like an e-mail is coming from a legitimate source to get you to open it.
Whenever possible, avoid using your work or personal email. If you need to sign up for something and you don't completely trust the source (or just want to avoid spam), create a "burner" e-mail address you can use. It should be something different from your work or personal e-mail and not associated with business or banking.
Not Using HTTPS
Most of us are familiar with HTTP. It's short for Hypertext Transfer Protocol and is a part of every web address. These days, however, many websites are using HTTPS - the S standing for "secure." Some web browsers, like Google Chrome, even open HTTPS websites automatically, giving you a more secure connection. Of course, this only works if the website was made with an HTTPS option.
Why is visiting an unsecured HTTP website dangerous? Any data you share with an unsecured website, such as date of birth, passwords or any financial information, may not be securely stored. You have no way of knowing that your private data won't end up in the hands of a third party, whether that's an advertiser or a hacker. It isn't worth the risk.
"Many password managers are designed to suggest new passwords to you when it's time to update your old passwords."
When visiting any website, look in the address bar. There should be a little padlock. If the padlock is closed or green, you are on a secure website. If it's open or red, the website is not secure. You can also click the padlock to verify the website's security credentials. It's best practice to immediately leave any website that is not secured. And never share your personal information on a webpage that is not secure.
Saving Your Passwords In Your Web Browser
Web browsers make life so easy. You can save your favorite websites at the click of a button. You can customize them to your needs using extensions and add-ons. And you can save all your usernames and passwords in one place! But as convenient as it is, saving passwords in your browser comes with a price: low security.
If a hacker gets into your saved passwords, it's like opening a treasure chest full of gold. They have everything they could ever want. Sure, web browsers require a password or PIN to see saved passwords, but a skilled hacker can force their way past this hurdle if given the chance.
Use a password manager instead. These apps keep all of your passwords in one place, but they come with serious security. Even better, many password managers are designed to suggest new passwords to you when it's time to update your old passwords. LastPass, 1Password and Keeper Security Password Manager are all good options. Find one that suits your needs and the needs of your business.