Digital Security

Use strong passwords

The first step towards securing your digital interactions is to use strong passwords. The strongest password is longest string of random characters allowed by the service you're authenticating against. So if your bank allows 6-28 character passwords, craft a 28 character password. The chances of success for brute-force password attacks drops by a significant factor each time a character is added to your password length. Random characters is also best because any word, phrase, name, important date, or other identifying information will be tried first by the attacker.

Use different passwords

Say someone does find out your password: if you also use that password at another website, they have easy access there, too! Using a different password for every site is best practice. If possible, also use a different username for each site. Some sites use your email address as your username; Google's Gmail has a neat feature that allows you to append the plus sign (+) to your username to create an email alias. So you+me@gmail.com will deliver to you@gmail.com, and two+four@gmail.com will send to two@gmail.com. If you have a Gmail account, we highly recommend this extra precaution.Of course, managing all of this information is tedious. So we recommend using a password service such as 1Password or LastPass to automate, synchronize, and monitor your passwords for you.

Three more precautions

1. Don't share accounts with anyone. First find out if sharing your account is really necessary. Some services offer to share the service with another account holder, without sharing your account. Amazon Prime, Apple's Family Sharing, and several of Google's products all offer ways to share benefits or services with other people.
2. Never send login credentials to anyone over email or text message. Sometimes you need to share an account, but it's best to share the login information over the phone or an auto-expiring link such as https://passwordexploder.com. You'll want to be sure to update the password more frequently if you're not the only person using the account.
3. If supported, turn on two-step authentication. This usually requires a smartphone, but essentially when you (or anyone else) attempts to login to a service, the service will prompt you in a second way (usually via your smartphone) to allow that access to be approved.

Realistic Expectations

The level of security you apply to your digital interactions should be directly proportionate to how terrible it would be if someone had malicious access to your account.