‘It’s easy to stay safe online’ with these 4 steps (plus 1)

What is multi-factor authentication (MFA)? Also known as two-factor authentication, this widely available tool secures your accounts by requiring two pieces of information to log in. One common example of two-factor authentication: entering your password and then typing in a one-time code sent to your email address or smartphone. 

Other examples of a second step that may be used in two-factor authentication or 2FA include: 

• A security question (for example, “What was the name of your favorite teacher?”) 
• A biometric identifier such as your face or fingerprint. 
• A temporary passcode you get via an authenticator application. 

You can typically enable multi-factor authentication by going to an account, going to settings, and looking under security. You then toggle multi-factor authentication to “on” and provide any necessary information, such as your phone number or email address where you want a code sent. For example, here’s how to turn on 2FA on Facebook and on Google.  

Quick “It’s easy to stay safe online” task 

Take 20 minutes to set up 2FA on your most important accounts. Consider doing this for: your bank and credit card, email, payment, utilities, shopping, and social media accounts. Here’s a cheat sheet so you don’t forget any accounts. 

2. Shore up your password practices 

Another top priority for online safety: Use strong passwords and a password manager. If you can easily remember a password, chances are good that a hacker could use a computer program to quickly guess it and get the keys to your online kingdom. 

A strong password should be: 

• Complex – with upper and lowercase letters, numbers, and symbols 
• Long – at least 16 characters long to make it much harder to crack 

• Hard to guess – no real words or personal details like names and birthdays 

But the same characteristics that make passwords hard to crack also make them difficult to remember. That’s why password managers are such a handy tool. 

Password managers keep track of all your passwords in a secure online vault, can generate strong passwords for you on demand, and can even safeguard other important information such as your credit card numbers. They can quickly and easily auto-fill your passwords for you when you go to log into a site.  

You can get a free or paid password manager service depending on your needs, number of devices you have, and the features you need. 

Quick “It’s easy to stay safe online” task 

If you don’t have one, take 10 minutes to start using a reputable password manager. To sign up, choose your password manager, register for an account, and choose a master password. Hint: Make your master password very long and very difficult to guess. And make sure to keep it in a secure place. Your master password will give you access to your password manager, but could also be used by a cybercriminal to get ahold of all your passwords if you don’t keep it safe.

3. Update your software right away 

Keeping your software up to date is one the easiest and most important things you can do to stay safe online. That’s because software updates often fix bugs or loopholes attackers can exploit to gain access to your data, infect your device with malware or ransomware, and even remotely take over your computer.  

Make sure to update your software on a regular schedule or whenever you get an alert letting you know an update is available. Get in the habit of doing software updates right away rather than putting them off for later. It’s also smart to get a reputable security program that can add an extra layer of protection. 

Want to brush up on how to perform regular updates? Here’s how to update the software on an Android and how to update the software on an iPhone or iPad. It’s important to regularly update your operating system as well as apps on your device. Not only will regular updates help keep you safe online and shore up your privacy, they’ll also fix glitches and help your devices run more smoothly. 

Quick “It’s easy to stay safe online” task 

Take 15 minutes to check your devices for software updates and get current. For convenience and speed, turn on automatic software updates. If you prefer to update software manually, set up an alert to remind you to check for updates once a month.

4. Spot and report phishing scams

Learning to recognize and report phishing scams is a top step you can take to stay safe online. It’s fairly easy to do and doesn’t take long at all. 

What is a phishing scam? It’s when a cybercriminal sends you a fake email, direct message, text, or even a pop-up ad to try to trick you into taking an action such as clicking a link, providing personal information, or making a payment. A phishing message may be cleverly disguised to look like a real message from a familiar company such as your bank. 

Cybercriminals can be pretty sophisticated with phishing scams, to the point that there are many types of phishing techniques that have earned their own names. For example, “spear phishing” targets a specific individual rather than a group, and “whaling” targets a big fish like the CEO of a company.  

Learning to spot the telltale signs of phishing and to stop and think before taking action on an email or other message can go a long way towards keeping you safe from phishing scams. Here are some clues that can tip you off to a phishing attack: 

• Alarming “news” about an account. 
• Attachments that look odd. 
• Failure to address you by name. 

• Grammar errors or misspellings. 
• Offers for free gadgets, trips, or other items of value. 
• Language that sounds just a little bit “off.” 
• Request to click a link or take urgent action. 

Quick “It’s easy to stay safe online” task 

Take 10 minutes to review these real life examples of phishing messages that were sent through email and social media. And make a quick note of what to do if you receive a suspected phishing message: Don’t click on links or open attachments, report phishing to your email provider, delete the message and block the sender. As an example, here’s how to report phishing in Gmail if they’re your provider. 

5. Protect your identity and privacy

It’s common to fall prey to identity theft and it’s hard to clean up the mess after it happens. But you know what’s easy? Our bonus behavior: protecting your identity and privacy. 

In 2021, over 1.4 million consumers reported identity theft and fraud, and these crimes cost $5.8 billion, according to the National Council on Identity Theft Protection. And ID theft is on the rise every year.  

The good news: Some of the items we’ve already reviewed, such as security software, strong passwords, two-factor authentication, and regular software updates, can help protect against identity theft. To learn what else you can do, check out this list of ways to avoid identity theft. 

Quick “It’s easy to stay safe online” task 

Take 15 minutes to complete these three simple steps to safeguard your identity. Make sure your mobile device is locked with a strong passcode to keep ID thieves from adding spyware when you’re not looking. If you don’t own a shredder for sensitive documents, take a minute to research models or make a note of the dates of free shredding events in your community. And set up an alert to remind you to check your credit reports for free at AnnualCreditReport.com. You get a free report from each major credit bureau once a year. So check one bureau each quarter to keep an eye on your credit year round. 

As you can see, it really is quick and easy to bolster your cybersecurity. You can do these four key behaviors in an hour or less — and many only need to be done once. Making the time to do these tasks this month will pay you back many times over in greatly enhanced security and peace of mind.