No company will ever, under any circumstances, ask you for your password via email. Any email asking you to provide your password is a phishing scam. If you ever need to enter your password, always type the URL of the company’s site directly into the hyperlink bar to be sure the site is genuine. Also […]

While you can opt for the convenience of having no security checks before logging into Windows, this leaves you vulnerable to anyone else walking up to the machine and looking at your data. This can be especially problematic if you live with other people who don’t need to see what’s on your computer. Adding a […]

Some websites and applications allow or even require special characters – like < and ! – in passwords. If you have the option to include them, do so, since their presence makes the password more difficult to guess than if it only contained alphanumerics.

If you allow Google Chrome to save your passwords, you can find a full list of them by going to passwords.google.com while signed into your account. At the top of this page is an option to “Go to Password Checkup.” This does a comprehensive scan of all your saved passwords and flags any that are […]

Emails that appear to come from a legitimate source and websites that appear to be legitimate may be malicious. An example is an email claiming to be sent from a system administrator requesting your password or other sensitive information or directing you to a website that requests your information. Online services (e.g., banking, ISPs, retailers) […]

Use the strongest, longest password or passphrase permitted. Don’t use passwords that attackers can simply guess, like your birthday or your child’s name. Attackers can use software to conduct dictionary attacks, which try common words that may be used as passwords. They also conduct brute force attacks, which are random password attempts that run until […]