Being cyber safe

Create a strong password 

Some tips are:

• Longer is better - create one made up of three or four random words,
• Don't use family names, birthdates or addresses, 
• Don’t recycle your passwords - use a unique one every time.

If remembering your password is a problem, use a password manager and setting multi-factor authentication adds an extra layer of security.

CERT NZ has a handy guide on How to create a strong password (cert.govt.nz).

Use a password manager

A password manager is an application that stores, creates, and manages all your passwords – like an online safe. There are lots of different password managers available. Work out what features are important to you and find one that suits.

Set up multi-factor authentication

MFA is about having a combination of something you know, like your password and something you have, like your cell phone or something you are, like your face or your fingerprint. MFA adds an extra layer of security to your online identity and makes it harder for people to access your information. 

More reading

• CERT NZ have information on how to use MFA to protect your accounts and,
• The Office of the Privacy Commissioner has an article on using MFA in the war on cybercrime. 

Authenticator apps

This is an app you install on your smart phone. It creates a one-time code that you need to login, as well entering your username and password. 

There are several free authenticator applications you can use. Microsoft Authenticator, Google Authenticator, LastPass Authenticator and Authy Authenticator are some popular ones. 

Once you have downloaded the app:

• Go to Settings for the account you are logging into,
• Select the Authenticator app option, which should show a QR code,
• Take a photo of the QR code to link the app to your account.

Keep your devices updated

Turn-on automatic updates for all your devices. This means that every time a patch is released to plug a vulnerability on your device, it is automatically applied without you having to do anything.

Go to CERT NZ to find out more: Keep up with your updates

Backup your data regularly

There are lots of things that might cause data losses, including theft, natural disaster, device failure or a computer virus. Taking a digital copy of your data and storing it somewhere else is like an insurance policy for your data.

Find out more by going to:

• Microsoft’s website – backup and restore for Windows 10 and 11
• Apple’s website – backup and restore for Apple macOS
• Google Help - back up your Google Drive

Secure your home network

Home networks can be vulnerable both to strangers who want to use your internet and to those who want to steal your, or someone else’s information. Secure your network by:

• changing the password regularly,
• enabling encryption (WPA2 or WPA3),
• changing the name of your network (don’t use your address or family name),
• turning off remote access,
• keeping your router updated. Your router’s support website support page will have more information.

Cyber threats often take the form of scams that try to persuade you to voluntarily share important information. While most scams come in the form of an unsolicited email, there are also text and voice scams.

Scams are becoming more sophisticated and harder to spot. Some things to look out for are:

• Freebies – you are offered something for free. You may also be asked for a small up-front payment to secure your freebie or given a link to click to get you access.
• Time-pressured – there’s a sense of urgency. You must do something now!
• Being asked for money – don’t give out money to online friends or partners.
• Requests to verify an online account, like your bank account details. Don’t click on any links – if in doubt, ring the organisation and check whether the communication is legitimate.
• Out of the blue tech support. No reputable organisation will contact you and ask for remote access to your device or account. Again, if in doubt ring the organisation and talk to someone about it.

While convenient, free wifi can be unsecure. Check that the address starts with HTTPS and not HTTP. Turn off file sharing if you are using cloud file storage and remember to log off.

Be careful about what you post on social media. Cyber criminals can use information from your profile to pretend to be you or guess passwords.

Don’t accept friend requests without checking out who they are and become familiar with the privacy settings and restrict to family and friends.