As we continue our focus on the subject of online security, this time around we look at accessing secure information through the web. In a previous post we looked at what the user can’t control, but now the focus turns to what users can control and we start with how information is accessed.
Accessing the Information
Without a doubt, some websites are more secure than others and it’s something users can’t change. However, accessing the information on those websites is something users can control.
First and foremost, make sure you know where you’re going. Confirm the web address is correct from a paper statement or other form of direct correspondence. Don’t navigate to websites by clicking links in your email. Email can be spoofed and convincingly real.
You can use search engines to find your destination, but don’t click a result just because it’s the first one listed. Read the result before clicking it, check the web address that’s displayed underneath each entry heading and when you finally do click, look over the website to make sure it’s what you wanted before entering your login details. When you find the website you want and confirm it’s accurate, bookmark it to make it a favorite. Next time you need to login, you’ll already have the website saved, confirmed and easily accessible.
Second, login or enter personal information only from a secure location. A secure location is a broad term, but overall it means don’t login from wifi hot spots or cafes. Obviously using cafes and such for browsing is fine, but we recommend against logging into banking or other important websites via public hotspots. Avoid logging in from computers you’re unfamiliar with. An insecure system may not be easily noticeable and if you leave footprints behind, they could be vulnerable on a compromised system in the future.
Third, use a strong and unique password for every website you access which holds personal, private or financial information. The strongest type of password is one which includes both letters (uppercase & lowercase mixture), numbers and special characters. Many banks in their infinite wisdom don’t allow special characters which is a glaring reflection on the rest of their security, but again that is beyond your control. We recommend passwords with those combinations of at least 12 or more characters in length to maximize security. Additionally, you should change the password with some regularity. A good rule of thumb is once a quarter.
Passwords are a particularly hot topic and we will revisit passwords in a future online security article. Users need to know how to create strong passwords, store the passwords and manage login credentials, all of which we’ll be addressing as our series continues.
Comments are always welcome and we do our best to respond to as many as we can, thanks for reading!