Resources

Your first steps with Cyber hygiene

Today I’ll start with an article series on cyber hygiene. This collection is not meant for everyone, does not ramble on abstract technological concepts and does not requires high levels of technical knowledge to be understood. Instead I’ll try to suggest practical actions that will allow any user to maintain a state of "health" of their interactions with technological components, services, and platforms.

---------------------------------------------------

Habit

When I was young, ny father used to insist that I repeat certain daily activities with incessant (and sometimes frustrating) frequency: "brush your teeth after every meal," "air and make your bed every morning," "put your toys back in their box after you are finished with them," and the classic "try to be physically active for at least thirty minutes a day." I was also taught not to do certain things under any circumstances, such as: "never skip breakfast", "don't get hooked on drugs under de pretense of making friends" and "don't cross the street without looking in both directions".

The volume of recommendations that were provided to me at the time felt somewhat overwhelming. As a result, I naturally forgot to do some of the things I was asked to do (particularly airing the bed, which back then did not make much sense to me). However, these behaviors and the frequency with which I was required to repeat them were gradually imprinted in my mind. Today, I am grateful to my father for caring and helping me to develop good habits.

I’m sure that if you consider yourself a mildly functional adult, you’ll also have someone to thank for having instilled and trained you to carry out a set of habits that allow you to keep hygienic conditions around you.

But wait a minute! What the actual hell is a habit? --- For your personal use, my reader, and to be certain that I include “the obligatory definition” of a term that we are all supposed to understand, here is a literal copy of the meaning of the word habit: (easily Googled, no hard definitions):

Habit

/ˈhabət/

  • a settled or regular tendency or practice, especially one that is hard to give up
  • a long, loose garment worn by a member of a religious order or congregation
  • (archaic) dress; clothe

Though it may prove fascinating to investigate further into the word’s different definitions, I’ll refrain from delving into religious attire trends today. This article solely addresses the first meaning, which refers to a regular activity.

According to Dr. Phillipa Lally of University College London, a psychologically healthy person can develop a new habit in 18 to 254 days, most of the observed individuals do so in less than 66 days. Furthermore, Neuron magazine's October 2014 issue includes an article which establishes that curiosity and motivation are critical factors in the process of habit formation; the author of the same article pronounces that once a person enters "curious mode," their ability and proclivity for learning improves dramatically, even if the subject does not arise interest in them.

It makes sense, doesn’t it? If you air your bed before making it for 254 consecutive days, you will most likely continue to repeat this activity indefinitely and, in some cases, the activity will be done without a second guess, it’ll be automatic. Now, at the “collective level of mankind”, we have also concluded that the practice of cleanliness is crucial for preventing illness spread and maintaining health (let’s remember this was not the case in previous historical eras). The last few years have not been an exception; the COVID 19 epidemic forced us to adopt new sanitizing methods and habits.

In the context of the "new reality," the advent of the wonderful (yet, in some cases, challenging) Home Office has given us the opportunity to set aside common the rules and habits of working in an office, tolerating long hours in the available mode of transportation, eating from among the four right angles of a tupper, and juggling a complicated schedule scarred by distant locations and long commutes. However, having a new work environment (regardless of your familiarity with the family room or study) necessitates developing new, vital habits as important for you as for your organization: cyber hygiene practices.

This words, which appear to have been taken from a Neal Stephenson novel (thanks for the Cryptonomicon, Neal), is just a way of referring to the assortment of practices that help us preserve the "health" of our data, devices, and online presence. In a nutshell, cyber hygiene is a collection of actions carried out on a regular basis to preserve the health and well-being of the technology with which we engage.

To tempt your curiosity and motivate you to make a change to create new positive habits, through the next indefinite series of articles, I will offer actionable tips for you to protect yourself within the digital environment in which you carry your day yo day.

The first of which has to do with passwords.

Meditate

Let's make a list of the accounts you (probably) manage: your bank account, your streaming service(s), your eCommerce profiles, your email (company and personal), your social networks, your accounts on government platforms, your “software as a service” accounts, your accounts on video game platforms, phew... At least, you have 10 active internet accounts, with 10 different passwords, and you access them frequently.

Although, there is a slight possibility that more than two of those services share the same username and password, right?

Habit: Set secure (strong) passwords

Keeping tens if not hundreds of passwords can be quite overwhelming, but for someone without cyber hygiene, managing a few of these can be a nearly impossible task. To make our life easier and to establish stronger and healthier habits regarding passwords, my first recommendation is for you to get (and use) a password manager.

To avoid ranking the most popular solutions on the market on a completely subjective basis, or to document a highly technical comparison that’ll foster greater confusion; I will simply share the features that, as a user of this type of software, I have found most valuable:

  • The application requires you to input a master password to access the entire vault, each time you open it.
  • The application integrates a generator with settings to modify the length and composition of passwords.
  • The app features synchronization capabilities with different cloud storage services (Google Drive, Dropbox, Box, OneDrive, iCloud, etc.)
  • The application is cross-platform, meaning that you can install it on multiple operating systems and devices, without functionality issues.
  • The application can perform scheduled or manual audits on your database to prevent duplicity or weakness in your passwords.
  • The application encrypts the local copy of your database. That is, the copy that stays on your computer.

Additionally, any of the following features are helpful, although not all apps and devices support them:

  • The application connects to an online service that notifies you of possible violations of your accounts on other internet platforms.
  • The application can use the biometric hardware of your devices to improve access security (think fingerprint reader, faceID, etc.).
  • The application notifies you about extended life periods of your passwords, suggesting you to change them.

For practical purposes, any password manager that has these capabilities is fine (of course, all of this is arguable and debatable, but in the age of social media, what isn't?).

Take action

To close this topic with a flourish, I invite you to change your passwords, now. With a password manager, this becomes an extremely simple task, which does not require technical knowledge. If you decide to venture out and acquire such a solution, follow the next recommendations to set a master password:

  • Use more than 12 characters in length; the longer your password, the better.
  • Use “N” lowercase characters; where “N” is always a number smaller than the total character count in your password… in other words, DO NOT use passwords made up of only lowercase letters.
  • Use 1 uppercase character. Come on, one uppercase character! Your name has one, the name of your favorite soccer team has one, the name of your country has an uppercase letter, it's easy!
  • Use 1 digit. We all have a lucky number. Just don’t use numbers related to personal data such as your birthday.
  • Optional: Use a symbol such as ampersand or an exclamation mark, just for the laughs.

Stop complaining! It is easy to build passwords like this: if you concatenate the model, brand, and year of your favorite car, you end up with pretty good password. For example:

Bugattiveyron1

It looks like something pretty easy to remember, doesn’t it? But believe it or not, security.org suggests that it would take nearly 9 million years for a regular computer to break this password… more than enough time to stop using the account; don’t you think?

Want to check how long it would take for a computer to break your password? Follow the next link: https://www.security.org/how-secure-is-my-password/

I’d like to remind you once again: Cyber hygiene is not an once-in-a-lifetime event, but a series of steps that must be followed frequently to create healthy tech habits.

I hope for you to keep following this blog and wait for the next blog entries. Remember: KIO makes it possible.