Learn how to keep your accounts and sensitive data safe and secure online.
In most cases, your password will be the only thing protecting your online accounts. While certain services and social media platforms do offer multi-step logins – which offer much better protection – many online services still don’t. That’s why you should always make sure you have a strong password.
We have provided a few helpful hints and tips on how to make your password as secure as possible.
It’s so easy to use the same password for all your accounts, but this can be dangerous.
Hackers know that many of us use the same (or similar) passwords for most of our online accounts. If they manage to get hold of a password for one account, they will often use an automated process to try and log in to as many online services as they can using that password.
If you use the same password for your email account, online shopping websites, social media and your online bank – the hacker would only need to find the password for one of these to be able to login to all your online services. That’s a lot of information.
To make your password as strong as possible, we recommend you use a combination of uppercase and lowercase letters, numbers, and even special characters. This makes it much more difficult for automated programs and hackers to guess your password. Check out the Learn how accounts become compromised section below to understand how hackers get hold of account passwords.
Do not use real words in your password. Hackers will often use an automated software that attempts to guess account passwords using dictionary words. If your password is based on a dictionary word, it’ll be much easier a hacker to work it out.
A good way to secure your password is to substitute some of the letters in your password for numbers. For example, instead of writing the letter 'S', you could use the number 5, which looks very similar. The same applies for other letter and number combinations.
It may sound a bit obvious, but you should never share your password with anyone - even if you trust that person. They may not mean to, but a mistake could compromise your accounts. They could enter your details into a computer that is infected with malware; or if a hacker manages to break into one of their accounts, the hacker might then be able to use the information they find to hack you too.
Trusted people includes professionals like Technical Support Agents, or your computer engineer. You should never share your passwords with anyone.
You should regularly change your passwords – even if your passwords are strong and unique.
Even if you don’t have any reason to believe any of your accounts have been compromised, it’s still worth changing your passwords regularly. Sometimes, when a hacker gains access to an account, they may just monitor it until something valuable appears. For instance, they may watch an email account until a password reset link for a bank appears.
It may not seem that your account has been compromised at all, so changing your password regularly is a good way of minimising the risk of this happening.
It’s up to you how often you change your passwords, but it's generally a good idea to change them every few months.
Password managers are software applications that store your login information for all the websites you use. This way, you’ll be able to create a complicated and original password for each of your services without having to write it down anywhere.
Because you’ll be using them to store such sensitive information, you should make sure you do your research before you select a password manager. Many reputable security suites, such as Norton, include a password manager as part of the service.
Password managers making it easier for you to create unique login details for all your online services by remembering your login details for you. These will be encrypted in a database, protected by a master password.
When set up, your password manager will handle all the logins for all your online services for you. When you try to access one of your accounts, you’ll be prompted enter your master password into your password manager. The password manager will then retrieve your login details for the service you’re trying to access.
The best password management services use two-step authentication. With two-step authentication, a hacker will still need to complete a second step (which is usually linked directly with one of your devices) before they can log in – even if they have your password.
It’s very important that you use a completely unique and very complex master password. If your master password is obtained by a third party, and you don’t have two-step authentication, a hacker could gain access to all your online accounts through the password manager.
Most online services have password recovery options. These are used to regain access to your account if you forget the password. These questions normally ask for things like your favourite football team or your mother’s maiden name.
To be as secure as possible, make sure these questions and answers as hard as possible to guess. You don’t want to use information that people can easily find out about you online.
You should make sure that you have anti-virus software installed on all the devices you use online. Computers, tablets and mobile phones can all be infected with malware, which hackers use to farm sensitive information like your logins, passwords and even your financial information.
If you don’t have any online security yet, you can try our Virgin Media Internet Security on PC or Mac. Get Internet Security powered by F-Secure on unlimited devices for £30 a year, with your first 3 months free. It’ll automatically detect and remove viruses, malware, ransomware and spyware. What’s more, it’s compatible with all device types, from your laptop or MacBook to your Android or iPhone.
Log in to your account to activate Virgin Media Internet Security.
Operating systems and software applications sometimes have vulnerabilities in their code. These can be exploited by a third party to steal personal information. When these weaknesses are discovered, they’ll usually be fixed by developers with a software update or a patch. That’s why you should always make sure your software as been updated to the latest version.
Most operating systems have an automatic update system, so you should make sure that’s activated. When you’re busy, it’s very easy to keep putting an update on snooze. To keep as secure as possible, you should run the installation as soon as you can.
Learn how to update software.
You should try to use two-factor authentication wherever possible, as it adds a second layer of protection.
When you try to log in to a service that has two-factor authentication activated, you’ll receive a confirmation notification - some services use an app while others will simply text an authentication request to your phone. You won’t be allowed to access the account until you to confirm it’s you.
With two-factor authentication, a hacker will need both your password and your device to get into your account – making it much more secure.
Encryption is the most effective way to properly secure your data. To read an encrypted file, you must use a security key or password to decrypt it.
There are a number of ways to encrypt files. You can get specialist encryption software and applications. Some computer operating systems can be set to encrypt your hard drive’s contents when the machine is not being used. You can also find secure note functions on some password managers, which allows text to be held securely.
Hackers will frequently use fraudulent emails and texts to try steal your sensitive information. We have provided some help and advice on how to avoid this kind of fraud below.
Emails and texts can be written to look like they’ve come from a trusted company or individual when in fact they haven’t.
By pretending to be reputable companies, hackers will try to trick you into revealing your sensitive information – either by entering it into fraudulent sites or sending it to them directly. Alternatively, they will attempt to trick you into downloading some malicious software that will attempt to farm sensitive information from your device.
If you have any suspicions that the message could be fake, you should never click any links or download any software contained within the message. You should also never reply to the message with any sensitive information.
If you are worried, you can always contact the company or individuals the email claims to be from to ask if the message is genuine.
There are also a few things to look out for in a message that can help you identify it as a scam:
Usually, these kinds of scams are sent through spam emails. While most will be safely filtered into your junk folder, some can still get through. Don’t worry, we have a guide that can help you manage these unwanted messages.
Learn how to stop spam emails.
If you’ve been a victim of cybercrime, or if you’ve spotted any potential cybercrime online, then you should report it. Visit Action Fraud, the police’s online national fraud and cybercrime reporting site.
You can also report an incident to the Internet provider that owns the IP address that is responsible for the abuse. All reputable Internet providers forbid users from committing abuse over their networks – and can disconnect those who do. You can identify who the Internet provider is by running a Whois lookup on the IP.
Personal and financial information isn’t only stolen through hacks. It’s always important to keep your devices secure, and never give out sensitive account information to anyone – even those you trust.
We recommend you do the following to help you keep your accounts safe:
Online accounts can become compromised in a number of ways. We have outlined the most common techniques used by hackers below:
Having your device’s important information backed up and saved in a remote location means it can remain safe if something goes wrong.
Sometimes, when your device gets a virus or becomes infected with malware, you might need to format it to clear the malicious software. This won’t only clear the virus, but all your personal data too. That’s why it’s so important to back up.
But it’s not only through malicious software that you can lose your data. Hardware damage or other physical damage to your computer, or theft, can leave you without your data.
There is plenty of data backup software out there to choose from. The most trustworthy will come as part of a larger security suite, though these can be a little more expensive.
A VPN helps protect your data from prying eyes, especially when using public WiFi. It's much easier for hackers to access your online activity on a public connection than it is when you're on a private secured network. A VPN encrypts your data, so any would-be hackers won't be able to see sensitive information like your passwords or bank card numbers.
You can get a VPN as part of an online security package, though you may need to pay a subscription. Usually, you'll be able to use your package across multiple devices, meaning you can protect your laptop and phone from one subscription.
Just as a strong password is important for protecting your online accounts, you should always protect your devices with a good passcode.
Laptops, MacBooks and phones all generally prompt you to create passcodes during setup, so make sure you don’t ignore this step.
Like with passwords, we recommend using a unique passcode on each of your devices.
You can find more help and support for security issues, including what to do if you’ve been the victim of online fraud or cybercrime, on our security hub.
Learn more about online security.