It is easy enough to say “Don’t use the same password twice” or “Always keep your portable devices safe”, but what can you do to immediately upgrade your cybersecurity in under 5 minutes?
Firstly, what is Pwn?
No, it’s not a real word, but it is a real thing.
‘Pwn is a leetspeak slang term derived from the verb own, meaning to appropriate or to conquer to gain ownership. The term implies domination or humiliation of a rival, used primarily in the Internet-based video game culture to taunt an opponent who has just been soundly defeated (e.g., “You just got pwned!”).’ – Wikipedia
Although most of our readers may not be going home after work to play a few rounds of Fortnight with the lads, Pwn is a relevant term that most of you will have been subjected to. If your email address, passwords, or any personal information has ever been leaked online, you have been Pwned.
So have you been pwned? Well, unfortunately, most of us have and may not even know it.
How do you know if your information has been compromised online?
Have you used your email address on a website that has then been hacked? When it got hacked what information was stolen? You can check if you have an account that has been compromised in a data breach here.
If you have been Pwned you will fall into one of two camps
- You use a unique and complicated password for every account you have ever made therefore you have nothing to worry about.
- You often use the same email address and password for many different accounts on the web. If this is you, now is the time to take action
Now be honest. Which one are you?
What action do you need to take? You need to change all your passwords on all your accounts NOW.
So what action do you need to take?
It is almost impossible to make strong and unique passwords for all the accounts we have on the web and remember them. So it is time to get some help. I highly recommend LastPass. This is a password vault that has an app for your mobile and a plugin for Chrome. It generates strong secure passwords, and stores and fills in your login details for you online.
The most common question I get asked is “Is having all our passwords in one place safe?” Yes, it is safe. When logging into your LastPass account you are required to enter your master password whenever you’re connecting from an unknown device. I highly recommend activating the two-factor authentication to increase security further. It takes an extra 30 seconds of your time to ensure all your personal information is safe.
The sentence method
I recommend the sentence method for making the master password. You take a sentence like “when will my 13-year-old do her homework!!!” and turn it into your password. Wwm13y0dhH!!!
I always make the first and last letters capitals, I change O for 0 (zero) and e for 3. I find these tricks make passwords easier to remember.
LastPass for home and business
You can have separate LastPass accounts for your personal and business logins. Both accounts can be connected on all of your devices (using your master password and the two-factor authentication), so no matter where you are, you have access to your passwords and login information.
Qbit has an Enterprise plan so that we can keep your data safe and our Engineers productive. Working in an office environment often means many people need to log into the same websites using the same passwords, LastPass handles this. You can also create groups and assign people to those groups. This restricts who has access to each online account.
If an employee leaves you, just deactivate their LastPass account. You no longer need to go through and change all the passwords.
Security Must Do’s
Security needs to be taken very seriously, these are the top ten security musts!
- Every password is unique
- Use a password vault like LastPass to help
- Passwords must be strong, with at least eight characters with letters and symbols
- Change your Windows passwords every 90 days
- Use two-factor authentication wherever possible
- Do not use Facebook or Google to sign into other websites
- Do not let your browser save your password
- Be suspicious of everything including phone calls
- Never change a suppliers bank account without verifying it
- Have a payments process that even the CEO is not allowed to override
Interested in setting up an enterprise version of LastPass?
If you are a current Qbit client, please have a chat with your account manager.
Visit our Cyber Security page to learn more about our Cyber Security Solutions. Call us at (08) 6364 0600 or send us an email at sales@qbit.com.au to discuss your business IT requirements over a cup of coffee.
