The Webteam is approached from time to time on issues of securing your identity, privacy, security, safety, and spam.
Please use the following advice to improve your privacy and security practices.
Secure your device
- your account or login with anyone, ever
- if you are sharing a computer, create a separate account for every user, and a separate admin account
- always lock your device
- on a mobile device ensure you have a pin, swipe, or biometric password turned on
- use automatic lock, e.g. after a timeout
- never, ever, give user accounts administrator privileges
- create a separate admin account with administrator privileges, using its login when escalated privileges are required, e.g. to install software
- install and configure remote locking and tracing software
- mobile device security check
Secure your email
Your main email account is the key to your identity, and probably many of your assets.
- your passphrase (aka password), ever. This means don't tell anyone, don't email it
- always use two factor authentication, e.g.
- choose a strong passphrase
- use a unique passphrase for your email account, and for each other "high value" account, e.g. your bank account
- if using passphrase recovery questions do not use ones that can be discovered (e.g. mothers maiden name, first school, etc)
Maintain your device
- keep the operating system up to date, enable automatic updates
- keep all software up to date, where possible enable automatic updates or checking for updates
- use anti-virus software, e.g. the following are free for personal use
- always ensure the firewall is on
- choosing secure passwords (Bruce Schneier)
- creating a strong password (Google)
- create strong passwords (Microsoft)
- try telepath words
- CERT NZ guide to cyber security