Here's a collection of thoughts for your average computer user, but they apply to all of us. The fewer exploited websites & computers there are on the internet, the safer we all are.
Never recycle passwords
Password reuse is the number one reason we see accounts get exploited on a daily basis. Use a password manager.
Periodically check sites like Have I Been Pwned & change the relevant passwords after 3rd party breaches.
Use a password manager
Use a password manager. There's no reason not to these days: there's software for every budget, operating system & license of choice.
Indecisive? Here's a full list of password managers you can peruse until the end of time.
Most password managers can integrate with your browser & can be sync'd across devices, regardless of OS.
When in doubt, reset!
If you ever see an SSL-related connection error when connecting to a particular service (email, sftp, our control panel, billing, etc.), do reset the related password as a precaution.
After public wifi/travel: While traveling & using networks that might be of sketchy origin, keep a digest of the passwords you use & change them during, and after returning from, your trek.
Sharing passwords: If you do have to share a password for any reason, change the password beforehand (so you're not sharing a password you may have inadvertently used elsewhere) & afterwards.
Practice safe browsing
- Use the latest version of your browser.
- Disable Flash, or use a browser that allows you to enable it on demand, like Chrome.
- Block ads: Software addons like uBlock Origin & EFF's Privacy Badger can really help.
- On mobile, consider using Firefox Focus.
Keep software up to date
Keep software up to date, whether locally (your computers, tablets, phones) or on your hosting account.
Remove unnecessary software that could potentially be exploited — e.g. use as few plugins as feasible for scripts like WordPress, Joomla, Drupal & other content management systems. The same applies to your local computer: Less is more, but particularly with software that runs as a daemon (in the background).
Avoid public wifi
Avoid public wifi connections whenever possible, but especially when using ftp, email, etc., unless you're connecting securely via sftp, or pop3 / imap via ssl or another secure method. Even then, there are man-in-the-middle attacks. These rules apply to laptops, cellphones, tablets, and any other device that can access networks.
Keep your router up to date
If you operate your own consumer grade router at home, keep it up to date.
- Make sure that it's using encryption. Avoid using unencrypted wifi.
- Change the default password.
- Disable any file sharing mechanisms it supports.
- Turn off any remote access/management features.
US-CERT has some reasonable tips for securing your home network.
Don't share devices
- Avoid using public computers, but if you do, change any passwords you've used afterwards.
- Never assume that your friends, family & relatives don't already have viruses / trojans / etc. on their system. The odds are against you in today's world.
Keep software up to date
- Whether locally (your computers, tablets, phones) or on your web hosting account, keep your software up to date.
- Remove unnecessary software that could potentially be exploited — e.g. use as few plugins as feasible for scripts like WordPress, Joomla, Drupal & other content management systems.
- The same applies to your home computer — remove unused software, or software that is commonly exploited like Adobe Flash, Adobe PDF applications, etc.
Most importantly of all, keep backups. We've seen it time & time again, where something nasty occurs and there's nothing to restore to.
Bad things are going to happen
Bad things happen, period. Fires, theft, exploits, or even just bit rot. Backup, backup, backup!
The 3-2-1 backup strategy
- Keep at least 3 copies of your data.
- Two local copies of your data on two different backup mediums (hard drive, USB key) in two different local locations in case of fire or theft.
- At least one offsite copy, whether this is a safety deposit box or a good friend's safe.
Back up only what's important, and remember: if you don't have backups, the data might well not exist.
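
The 3-2-1 list above can be checked mechanically, and hashing each copy also catches the bit rot mentioned earlier. The following Python is an added example, not part of the original page: it audits an inventory of backup copies against the three rules and discounts any copy whose SHA-256 digest disagrees with the others. The `Copy` fields, the file names, and the rule that the digest shared by most copies is the good one are assumptions made for the illustration.

```python
import hashlib, tempfile
from collections import Counter
from dataclasses import dataclass
from pathlib import Path

@dataclass
class Copy:          # one row of a hypothetical backup inventory
    path: Path
    medium: str      # e.g. "hard drive", "usb key"
    location: str    # e.g. "home office", "friend's safe"
    offsite: bool

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        while block := f.read(1 << 20):   # stream, archives can be large
            h.update(block)
    return h.hexdigest()

def audit_321(copies):
    """Return a list of problems; an empty list means 3-2-1 is satisfied."""
    problems, digest = [], {}
    for c in copies:
        try:
            digest[c.path] = sha256_of(c.path)
        except OSError:
            problems.append(f"unreadable: {c.path}")
    # Assumption: the digest most copies share is the good one.
    top = Counter(digest.values()).most_common(1)
    good = [c for c in copies if top and digest.get(c.path) == top[0][0]]
    problems += [f"differs from other copies: {c.path}"
                 for c in copies if c.path in digest and c not in good]
    local = [c for c in good if not c.offsite]
    media, places = {c.medium for c in local}, {c.location for c in local}
    rules = [(len(good) >= 3, "fewer than 3 intact copies"),
             (len(media) >= 2 and len(places) >= 2,
              "need 2 local copies on different media in different places"),
             (any(c.offsite for c in good), "no intact offsite copy")]
    return problems + [msg for ok, msg in rules if not ok]

def demo(corrupt_usb=False):   # constructed sample: 3 copies in a temp dir
    with tempfile.TemporaryDirectory() as d:
        inv = [Copy(Path(d, "disk.tar"), "hard drive", "home office", False),
               Copy(Path(d, "usb.tar"), "usb key", "bedroom closet", False),
               Copy(Path(d, "safe.tar"), "hard drive", "friend's safe", True)]
        for c in inv:
            c.path.write_bytes(b"family photos 2024")
        if corrupt_usb:            # one changed byte stands in for bit rot
            inv[1].path.write_bytes(b"family photos 2O24")
        return audit_321(inv)
```

With one silently damaged copy the set no longer has three intact copies or two intact local ones, which is why the audit reads the files instead of only counting them.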