Best practices for digital safety
and cyber hygiene
The information below is based on official guidance from the Australian Government, sourced from cyber.gov.au and scamwatch.gov.au.
With more and more aspects of our daily lives taking place digitally, understanding online safety has never been more important to stay safe in the digital world, just as much as in the physical one.
Improving your cybersecurity and online safety starts with good cyber hygiene!
What is Cyber Hygiene?
When we talk about cyber hygiene, this refers to the practices and steps you take to maintain the safety and security of your online information and protect against cyber threats.
Cyber hygiene focuses on keeping devices and data secure from malicious attacks, unauthorised access, and other cyber risks.
In the same way good hygiene protects your health – good cyber hygiene protects your data. Both start with the right habits.
While no single set of mitigation strategies can protect against all threats, there are a few basic steps you can take to greatly increase your digital safety and form good cybersecurity habits.
- Use strong passwords/passphrases
- Use MFA/2FA
- Update devices/software often
- Learn to recognise scams
Passwords & passphrases
Passwords are your first line of defence, so they should be strong – meaning long, unique, and hard to guess.
It’s tempting to reuse passwords in multiple places because remembering unique passwords for every account can be a challenge; however, it’s very important not to reuse passwords.
Passphrases are similar to passwords but are made of at least four random words. This makes them easy for humans to remember but hard for computers to guess. Try to use random, unpredictable words for a more secure passphrase.
As an example – ” horsebatterywindmillstaple “ – is easy to remember, but it would take 4 quintillion years for a computer to crack this password. If a service requires your password to include symbols/numbers, you can include these in your passphrase (you can also substitute letters, like o, i, and s, with numbers – e.g, horse would become h0r5e).
The recommendation is to use strong passwords/passphrases and a password manager to keep track of them securely.
(https://www.cyber.gov.au/learn-basics/explore-basics/passphrases)
Multi-factor Authentication
Multi-factor or two-factor authentication (MFA/2FA) combines multiple pieces of information such as something you know (like a password) and something you have (like a code on a physical device or fingerprint).
MFA requires you to provide both before granting access, and it is an effective way to protect your accounts against unauthorised access.
Please review our guides below to use MFA/2FA with your WP Hosting services.
- Enable MFA/2FA in the WP Hosting Client Area
- Enable MFA/2FA on cPanel/web hosting
- Enable MFA/2FA on Enterprise/CloudPanel hosting
It’s recommended that you enable MFA/2FA wherever you can.
(https://www.cyber.gov.au/learn-basics/explore-basics/mfa)
Keeping devices up-to-date
Updates to your devices and software can not only add additional features and improvements, but often also include security patches and enhancements.
Many cyber criminals rely on exploiting known security flaws on unpatched devices, so it’s important to keep your devices and software, including your website, up-to-date.
It’s recommended to update your computers, phones, tablets, apps, and software on a regular basis.
(https://www.cyber.gov.au/learn-basics/explore-basics/update-your-devices)
Be aware of online scams
Unfortunately, online scams/phishing are becoming a more common way for cyber criminals to compromise accounts.
This is why it’s important to be aware and alert to the types of scams and tactics that ‘scammers’ can use.
Common scams include;
- Phishing emails/phone calls
- Text/SMS scams
- Social media scams
Regardless of the method, all scams will have similar “red flags” to be on the lookout for;
- Unsolicited contact
- Sense of urgency and/or pressure to act
- Poor grammar/spelling
- Suspicious email addresses and URLs
- Requests for personal information
For more information
Visit scamwatch.gov.au for a more comprehensive overview and additional information about different types of scams.
Learn more about protecting yourself online at:
https://www.cyber.gov.au/learn-basics