This is a guest post from Go Daddy’s Chief Information Security Officer, Todd Redfoot. In the post, Todd discusses how you can keep your accounts protected and your domain names safe.
Knowing that an outside party accessed one of your accounts can be incredibly frustrating and exhausting. But there are practical steps you can take to protect your accounts and the information you store in them.
7 basic ways you can make sure your accounts stay secure:
- Use a strong password. Eight characters is really not sufficient, a strong “passphrase” is the better choice. A creative device to help with generating strong passwords is to use a phrase that has special meaning to you. For example, “I need a strong password to make sure I’m completely secure,” could become the password InaspTmsIc$. Passwords should consist of a minimum of nine (9) characters and contain at least one special character.
- Change your password – often. This can be as simple as setting a reminder on your calendar to change your password at the beginning of every month.
- Use a variety of passwords. You should never use the same password for multiple accounts. It simply makes it easier for hackers to access all of your accounts. If you find it difficult to remember all these crazy passwords – try a password safe. There are many free ones out there that will safely store all your passwords in an encrypted database on your machine. Make sure you do your research before downloading anything you find on page 1 of a Google search.
- Always, always, always log out. This is particularly true if you’re using a shared computer, such as one at work or in an Internet cafÃ©. Regardless of the account you’re in, Facebook or Wells Fargo, take this precaution every time.
- Make sure your account is up to date. Some digital spring cleaning can also protect you. Remove expired credit cards you have stored in accounts and make sure your phone number and address are correct. Not only does this make your account secure, it also ensures that companies you do business with can contact you if there’s ever an issue.
- Beware of Wi-Fi hotspots. Sure, they’re convenient. But you shouldn’t use them to access secure accounts. Hackers are known to roam hotspots looking for their next victim.
- Protect your PC. Be careful what you download – only use trusted, well-vetted sources – and invest in anti-virus software to keep your computer safe.
When you have done “everything”, what else can you do?
- Do the 2-Step. Two-step authentication adds another layer of security by texting you a validation code to enter whenever you log in or make important account changes. If it’s available to you, take advantage of it. Go Daddy offers two-step authentication in the US and Canada. You can find out more information about it here.
- Never share your account with others. By giving others access to your account, or purchasing products with someone else’s payment method, you are giving them full access to your account details. If you need to delegate management of your resources check to see if you can assign permissions via account management settings. Go Daddy provides “Account Administrator” functionality. This allows management of your resources from separate accounts, limiting direct access to account details and billing information. Read more here.
- Check for keyloggers on your computer. Your computer might have malicious software, known as keyloggers, installed that records every keystroke you make — including your user names and passwords. Run anti-virus programs regularly to detect keyloggers. We recommend using your favorite search engine to find software that removes key loggers from your computer.
- Don’t fall for a phishing scheme. Cybercriminals look to create a sense of urgency to trick unsuspecting victims into downloading malicious files. Many attackers try to lure you into their schemes by sending emails that look legitimate, but include links to fake login pages that closely resemble the legitimate website. Hover over links, check for misspellings (acmebnak instead of acmebank), but don’t click. Go directly to the website and log in as you would normally; any message, important action, etc. will be there if the email is legitimate. Emails from Go Daddy, in most cases, include your first and last name, a clear first indicator of legitimacy.
Protecting you data is as critical as locking your car or your house – don’t give an attacker an easier route by using weak passwords or unsafe networks.