Student at her laptop
Sharing with the world what you had for dinner won't hurt anyone, but sharing too much information about yourself could hurt you. It's easily done, and most of the time you won't even know until it's too late. Staying safe online is becoming increasingly important, but there are lots of things you can do to help.


Strong passwords

To create a strong and memorable password, our advice is to use at least 3 random words, and combine these with numbers and/or symbols to create a password of more than 16 characters. A strong password using entirely random characters must still have a length of twelve characters or more to be strong.
Using weak passwords that can be easily compromised is a common cause of identity theft and other cyber crimes. Cyber criminals have tools that can generate and test millions of passwords combinations per hour. The use of a strong password will reduce the risk of you becoming a victim.


Password hygiene

Do:
  • consider using specialist password management software to avoid writing your passwords down, or storing them on your computer in plain text form to remember them
  • if you are not using a password manager, consider using a pass phase rather than a password to make sure it's easy for you to remember, but difficult for anyone else to guess
  • have a different password for each account
  • change your password if you have the slightest suspicion it has been disclosed.
Don't:
  • write down your password or store them on your computer in plain text
  • share your passwords with anyone
  • let applications (apart from a password manager) remember your passwords when asked. Just click no.
  • use words that are associated with yourself, such as your pet's or relative's name, phone number, or other personally identifiable information
  • use commonly-known acronyms or patterns such as qwerty or 123456
  • use the password of password.
It's healthy to check periodically whether your details have been disclosed as a result of data breach from a used vendor. A good source to check this is haveibeenpwned, where you can subscribe for any future data breach notification that include your details. A guideline on Password Managers has been provided by the University.


Your identity

All of your personal information has value to somebody. If a cyber criminal were to obtain this, the results could be devastating.
You need to make it as difficult as possible for your identity to be stolen. Here are some steps you can take to keeping your personal information physically secure.
  • When disposing of documents which contain personal data, e.g. bank and credit card statements, phone and utility bills, and other official documents, it is advisable to cross cut shred or incinerate.
  • If you think your bank or credit card details have been compromised in any way, contact your bank or credit card company immediately. This includes if you've misplaced your bank card, or if expected cards have not arrived. Don't forget to sign all new cards as soon as they arrive.
  • Avoid paying for anything if the transaction requires your card to be taken away from your sight for processing. In no situation is this needed and could open up opportunity for your card to be cloned. Upon paying with chip and pin always make sure no one is looking over your should, known as shoulder surfing.
  • Lock all sensitive identification documents such as passport, bank cards, birth certificate up in a secured container.
  • Encrypt your storage media where possible, see Protect your data .
  • Keep your computer hardware and storage media safe from theft or loss and if disposing of it, wipe all hard drives or other storage media using a specialist software tool.

Phishing

Phishing is the attempt to obtain sensitive information such as login credentials, banking information and personal data by disguising as a trustworthy entity via various communication methods such as emails, phone calls and websites.
The University have a guideline Anatomy of a Phishing Email to help protect you and combat this threat.