You can never be too careful when it comes to online security, so we’ve put together a quick list of tips to help you keep your online assets secure and so you can check you’re following best practice password advice.
If you’re a Lyrical Host customer with any concerns at all, please create a support ticket and we’ll get back to you ASAP to set your mind at rest!
Currently reading: Tips For Better Password Security Click To Tweet
And now for the tips!
01. Follow strong password advice
Use a completely unique password or PIN code for every site and account you have. If you have your domain and hosting with different providers, be sure to use a different password for each company, and a third different password for your email account (which is more likely to get hacked).
You’re likely already familiar with these tips, but when creating a password, make sure:
- It’s at least 8-12 characters long – the longer the better!
- It contains a combination of numbers, symbols, and upper and lower case.
- It’s not related to your username, name, significant other, children, pets, maiden name, common information about you, or any secret questions a sign up form may ask.
- It’s not a dictionary word or words.
When answering secret questions or password reminders, make your answers obscure. For example, don’t have the secret question “What’s your dog’s name?” and the answer “Spot.” Have the answer “Spot Destroyer Of Worlds” or something, so it’s harder for people reading your blog or who know you in real life to guess.
Set a recurring reminder in your calendar to change your passwords regularly.
Related: How To Look After your WordPress Install
02. Use Two Factor Authentication
Two Factor Authentication means that you need a special code to access an account in addition to the password. This is usually done by generating a code using an authenticator app or by having a code generated and sent to you via text message. It’s safer to use an app, since text messages are very insecure.
The only downside is that if you lose your phone, it can be a pain to access your accounts! But in general it’s worth it for the added security it provides.
For Lyrical Host, you can set up 2FA by following the steps in these articles:
03. Don’t give admin access
Avoid giving full admin access to your accounts. Many sites, including Facebook, your WordPress Dashboard and our own Hub, let you add users but control their permissions so they can’t see your billing details or have a scary amount of access.
Check your admin logins regularly and make sure you don’t have any suspicious users listed on your account. For WordPress websites, turn user registration off in your Dashboard settings where possible and use Wordfence to provide additional protection. If you give someone you trust access, remember to remove the access when it’s no longer needed.
04. Have anti-virus software on all your devices
Even if you’re careful about what you download and install, it’s best practice to have industry-standard anti-virus software on all your devices, especially any that are connected to the internet. Keep the software updated and be sure to scan for threats regularly.
This includes your phone, tablet, and Macs! There are free options out there, or you can get subscriptions to protect all your devices very cheaply.
05. Pay attention to the news & your inbox
Large company breaches will usually make the news, so change your password and take any other recommended security measures as soon as you hear of an incident, before you forget!
Don’t ignore genuine emails from companies telling you to change your password, update your software or app, etc. If you aren’t sure if the email is real, head to your normal login or app store to check for updates or change your password instead of clicking links directly in the email.
06. Use best practices in “real life” too
Just as you’d shield your pin at a cash machine, remember to be aware of who’s looking at your screen; you can even get films and monitors that make it nearly impossible for someone to see your screen. Be wary of sitting with your back to the room in public spaces where you’re using a laptop or desktop, and be conscious of reflections in windows, mirrors, and similar.
Limit who can access to your devices by using strong codes, passwords, and fingerprint locking, and have an app on your portable devices to track where they are.
07. Always use a secure internet connection to access your online accounts
Instead of wi-fi, it’s better to use a mobile connection, such as 4G, to access your accounts when you’re out and about. Avoid public access wi-fi networks, any that don’t require a password, and “closed” networks with easy public access, for example in cafes.
08. Be aware of what connection permissions you have & allow
You may think it’s not the end of the world if someone gains access to an old Twitter or Facebook account of yours; but if you’ve connected it to other sites as a third party social login, someone could easily gain access to far more than just your social media. Review your permissions regularly from your social media and app store account settings, and only allow access for the bare minimum.
09. Keep your assets organized
Make and maintain a list of old email accounts, abandoned social media logins, and other random accounts. Keep ownership where possible just in case, but clean them out, unsubscribe, change passwords, and keep them as locked down as possible.
Found this post useful? Pin it for someone else to discover:
No Comments