Stay safe online in 2024: Four top tips

Throughout 2023, cyber security remained at the forefront of the internet, with an ever-present threat from hackers, spammers, scammers and even rogue states requiring us to tread carefully in all our online interactions.

Unsurprisingly, phishing (the sending of emails or other messages with the intention of misleading the reader into thinking they are reputable in order to ‘fish’ for personal and financial information) remained the most prominent form of attack.

In 2022, 83% of UK businesses claimed that cyber-attacks against them were phishing attacks, and the story is similar for home users too. But it’s not just phishing attacks that we need to be wary of. Password leaks have become commonplace over the last few years, which is why most providers now not only recommend strong password management, but also 2 factor authentication.

And so, as the new year unfolds, we thought we’d give some reminders of how you can stay safe online in the year ahead.

1. Passwords

Passwords remain a source of contention in the security community. Without careful use – and often additional support – they can often provide little defence against a determined hacker.

But there are rules you can follow to keep your passwords as secure as possible. And the number one password rule is to follow proper password protocol.

So what is that password protocol?

Always use unique passwords – it goes without saying that if you’re using the same password for every account, all it takes is for someone to get the password you use for a single service to then have the keys to your digital life. If you’re using the same password for Amazon, your online banking and your email account for example, frankly you’re asking for trouble.

Use a password manager – use of a good password manager can help you in keeping all your passwords unique. The only password you’ll need to remember is your master password (more on that in a moment) to access your full database. A password manager will also help with the next point…

Use strong passwords – in 2024, it’s time to put Password123 to bed once and for all. A password manager can help to ensure your passwords are much more difficult to crack. This online password checker suggests that ‘Password123’ is ‘very weak’ and would take zero seconds to crack. Using a password manager, we generated this password: dRsLjr4h#;54+p+yt{U{

The same password checker informed us that our new password would take 118 million trillion years to crack!

Now, remembering that sort of password is honestly pretty impossible, which is why you need a password manager to do the heavy lifting. But what about the master password to access your password manager itself? As hard to crack as your account passwords may be, if someone has easy access to them in a database, they’re not much use at all.

Your password manager master password needs to be memorable – if you forget it, you’ve lost all your passwords. And that’s where the ‘memorable phrase’ you've probably read about comes in. Something like ‘Elephant Photocopier Happily Printing 1!’ seems nonsense, but it’s much easier to remember than a string of random characters. Our password checker, by the way, told us that it would take 3 hundred trillion years to crack.

But there’s more you can do to protect your accounts than passwords alone.

2) Two-factor authentication

As strong as a password may be, there’s always a chance it might fall into the wrong hands. And if that password is your only line of defence, handing over a password is similar to giving a burglar your front door keys.

That’s where two-factor authentication (or 2FA) comes in.

We’ve provided advice around 2FA in the past, but here’s what the UK government has to say about it.

Having that secure, second line of defence can mean that even if your password falls into the wrong hands, your accounts can still remain safe (we’d still recommend changing your password should this happen of course). Therefore, if you’re using a service that offers 2FA, use it.

3) Don’t be fooled

As if keeping your passwords safe and secure wasn’t enough to worry about, irrespective of how secure they may be, they can easily be undermined by a single mistake or act of carelessness.

We’re talking about falling for scams, those increasingly believable tricks that convince victims that they’re dealing with a genuine provider when they are in fact handing over their private data to criminals.

Again, we’ve covered phishing and other online (and text) scams previously, but here we’ll again refer you to the official government guidance – 8 pages of extremely useful advice that we should all know like the back of our hands.

4) The future – passwordless security

You may have heard in recent years about the latest solution to staying safe online – passkeys.

They’re the secure method of logging into online accounts that don’t require a password. And no password means no prospect of data being leaked or accidentally shared. And while physical alternatives, from the likes of Yubico have existed for some time, the digital equivalent promises the convenience and ease of use necessary for widespread adoption.

We think Apple have done a great job of explaining passkeys here, so we’d recommend visiting their site for the full lowdown.

Passkeys aren’t mainstream yet, but their popularity is likely to take great strides forward in 2024.