Password do's and don'ts: 6 ways to stay safe online


It seems like every day we're hearing about new breaches, leaks and hacks at major websites and services. The latest, on eBay, could be very serious. (If you haven't changed your eBay password yet, do so now!)

If we don't take charge of our own online security, who will? Here are a few basic tips for keeping your data safe.

  • Get a password manager! These apps keep track of your passwords and can even create new ones for every site — you only need to know one "master" password. Some browsers and devices have them built in, but there are also free options like LastPass and Keepass that work across apps and platforms.

  • Pick strong passwords! If you can't or don't want to use a password manager, make sure your passwords aren't things like "password" or "123456." Many sites accept spaces and punctuation now, so instead of just your dog's name (bad idea, by the way), you can put something like "Isn't Fido the cutest?" Believe it or not, that's probably as strong a password as "3Fid0_cutez0r" — and a lot easier to remember.

  • Don't repeat passwords! If your eBay password is also the one you use on Amazon, Google and Facebook, all those are compromised, too, and hackers will be quick to take advantage. Yes, it can be a pain to remember several strong, unique passwords — all the more reason to use a password manager.

  • Sign up for two-factor authentication! The name is a mouthful, but the feature is great, making it so any changes to your account have to be OK'd not just by an email, but on your phone as well via an app or text message. Google, Facebook Twitter, and others have it — look in the "security" section of their options pages.

  • Use common sense! Don't open weird attachments, don't install software from random websites and don't put your password ANYWHERE but in fields marked "password." No one legit will ever ask for it; only hackers and scammers will.

  • Keep anti-virus software around — but don't depend on it! As they say, an ounce of prevention is worth a pound of cure. Download a few of the many free malware and virus detection apps out there (Spybot, MalwareBytes, AVG) regularly, but remember they can't prevent hacks that have never been seen before, or ones happening halfway across the world.

Check out more tips from BuzzFeed technology editor Charlie Warzel:

Nothing can remove all risk, of course — the Internet is still something of a Wild West. But you can keep the damage to a minimum when things like the eBay hack happen. Stay safe out there!