Bee Aware: Sunscreen, shades, and secure logins

July 5, 2024 by James Tucciarone III
Bee Aware Hero: Padlock in the sand

 

Building sandcastles on the beach is fun, but keeping them safe from the tide takes work! Just like your masterpiece, your digital life needs protection from crashing waves of cybercrime. Follow these tips to build a fortress for your personal information!

Your password is the key to your sandcastle

Forget "beach123" or your pet's birthday. These flimsy passwords are easier to crack than a sandcastle in the tide. Here's how to fortify your defenses:

  • Create passwords that are more than 12 characters long and include special characters. Better yet, use a passphrase. For instance, "My sandcastle is password protected in 2024!".
  • Don't reuse passwords across different accounts. Using the same or similar passwords makes it easier for cybercriminals to access our other accounts.
  • Consider using a password manager to store and generate your passwords.

MFA is your sandcastle's security must have

Add a moat around your sandcastle with Multi-Factor Authentication (MFA). It requires an extra step, like a code sent to your phone, to verify your identity when logging in. This makes it much harder for hackers to steal your information - even if they have your password.

Bad actors know MFA is becoming more and more common. That's why they've adopted two tactics to try and get around it: MFA fatigue and MFA phishing.

  • MFA fatigue is when cybercriminals bombard a user with many MFA requests. Their goal is to frustrate us into accepting a request or approve a request in error.
  • MFA phishing tries to trick us into providing authentication codes. Cybercriminals often masquerade as support providers or send links to fake login screens.

Don't let bad actors seize your sandcastle with 'phishy' login screens

Cybercriminals can create fake login screens that look exactly like our favorite or most-used websites. This can include Yale’s Central Authentication Service (CAS) screen. So how can you tell if a website is real or fake? Use these tips to steer clear of shark-infested waters:

  • Always check the website URL -  only browse sites that use official addresses.
  • Go straight to the source - don’t click unexpected links received in emails or other messages.
  • Bookmark important pages - use pre-saved bookmarks to ensure you're browsing safely.
  • Look for the “https” in the URL - if you only see “http” the site is not secure.

These tips ensure even the sneakiest cybersecurity crabs can’t breach your digital sandcastle. So soak up the sun and enjoy your summer adventures with the peace of mind that your online identity is safe and sound!