Be careful who you give your information to online. Don’t provide financial information or any personally identifiable information to a site you do not fully trust.
When visiting sites, make sure that the URL is correct and that you are truly at the site you intended to visit. Never, EVER click on a link from an unsolicited email, instant message, or pop-up.
Avoid public Wi-Fi connections and shared computers if you can. If you have to use public Wi-Fi, make sure that you don’t submit any login or personal information to a site that doesn’t use an HTTPS connection.
Use better passwords. In general, the longer the password, the better. Longer, mixed case (upper and lower case) and including special characters such as @#$ makes your password harder to guess and crack.
Don’t use the same password everywhere. If there is password breach at one site all other sites where you use that password are now compromised. Use unique passwords for every site. To make it easier, use a password manager such as KeyPass or 1PassWord, or come up with a password scheme known only to you that helps you generate unique passwords for each site, but is easily remembered by you. Here’s an example schema for Amazon and Google: aMa!345&sMZ0N gOo!345&sMGlE – where the scheme uses the site name in varying case, a memorable street number and first few letters of the street name. Once you memorize your pattern, you will remember long complex passwords for every site you visit (just don’t share your schema with anyone!)
Related to using unique passwords at each site, try not to use the same security answers at every site. These are those 3-4 questions where they ask for your mothers maiden name, childhood friends, etc. Whenever possible, write your own questions rather than using the suggested ones, and don’t use questions that are easily guessed.
Use 2-factor authentication when its available. Yes, it makes it a bt more difficult to get to your data, but that’s the point isn’t it! And once you are used to it, it’s well worth the added security. Google and other services offer two-factor authentication where they require an additional 2nd password or code that is sent to your cell phone when accessing your data.
Do you have any other suggestions for protecting your accounts and identity online?