Online Security Best Practices
Protecting yourself and your information is essential in today’s connected world. These best practices can help safeguard your personal information from fraud, identity theft, and cybercrime.
Use Strong, Unique Passwords
- Create complex passwords using a mix of letters, numbers, and symbols
- Whenever possible, create a password with a minimum of 12 characters
- Avoid using the same passwords for multiple accounts and websites
- Do not use easy to guess passwords like the date of your anniversary or a family member’s birthday
- Use a password manager to store and generate secure credentials
Enable Multi-Factor Authentication (MFA)
- Whenever possible, enable two-factor authentication (2FA).
- MFA significantly reduces the risk of unauthorized access, adding an extra layer of protection by requiring a second step like a code sent to your phone, when logging in.
- Enable it wherever it’s offered - especially for email, banking, and social media accounts.
Keep Mobile Device and PC Software and Systems Updated
- Always install legitimate updates for your apps, browsers, and operating systems. These updates often fix security issues that hackers try to exploit.
Be Cautious on Public Wi-Fi
- Avoid logging into sensitive accounts (like banking or email) on public Wi-Fi
- If you need to access sensitive accounts, use a Virtual Private Network (VPN) to encrypt your connection when working remotely
Change Passwords
- Change passwords if you suspect any accounts may be compromised
Safe Internet Use and Information Sharing
Don’t Share Sensitive Information Over Email or Text
- Never send passwords, Social Security numbers, or banking details such as account numbers, through unsecured channels
- Legitimate companies will never ask for this information via email or text
Verify Before You Share
- If someone contacts you asking for personal information, verify their identity first
- Contact the company directly using a trusted phone number or website—not the one provided in the message
Stick to Trusted Websites
- Avoid entering sensitive data on public or unfamiliar websites
- Only visit websites you know and trust, especially when entering personal or payment information
- Look for “https://” and a padlock icon in the address bar before entering any personal information. This indicates the site is secure.
Shop Smart Online
- Use secure payment methods like credit cards or trusted digital wallets
- Avoid deals that seem too good to be true
Be Careful What You Click
- Don’t click on suspicious links in emails, texts, or pop-ups
- Hover your cursor over links to see where they lead before clicking
Keep Your Devices Clean
- Install antivirus and anti-malware software—and keep it updated
- Regularly clear your browser’s cache and cookies to protect your privacy
Limit What You Share Online
- Be aware of what you post on social media. Fun “get to know me” posts are an easy way for hackers to obtain answers to security questions like the name of your favorite teacher, your favorite movie, or the location where you met the love of your life. These answers can be used to guess passwords or answer security questions.
- Be cautious about sharing personal info, even in private messages
Log Out When You’re Done
- Always log out of accounts, as opposed to closing the browser by clicking on the “X” in the upper right hand corner, when using shared or public devices
Smart Ways to Keep Your Account Safe
Keep an Eye on Your Accounts
- Check your account regularly for any unusual activity
- Set up alerts to notify you of changes or login attempts
- If something doesn’t look right, report it immediately to your financial institution or credit card company
Store and Dispose of Information Securely
- Sensitive information like bank account numbers should be encrypted or stored using secure methods
- Shred documents that contain your account number, including debit cards
Stay Informed
- Regularly review and enable account features and alerts that may help you protect your account
- Learn how to spot phishing scams and fake websites