Do you ever get annoyed by the overly complicated login CU Boulder requires for their platforms? I’m pretty sure I’ve spent more time logging into MyCUHealth’s portal than I’ve spent inside Wardenburg but there’s a reason for all of that – your grades, medical information, and cringy drunk texts are all stored in databases and all hell would break loose if it weren’t for the improvements cybersecurity professionals (and enthusiasts) have made over the years.
So how do you protect yourself?
- Update Your Passwords.
-
This one’s pretty obvious but if you’ve been using the same password since you made a login for your first video game, you should probably change it. Chances are it’s a pretty simple password. Each extra letter your password has makes it harder to crack exponentially so make sure it’s long. Having capitals, symbols, and numbers also makes the number of combinations increase significantly.
- Don’t Put Extremely Detailed Information On The Internet.
-
Platforms such as LinkedIn and Facebook use your known information by nature (how will an employer know who you are if you don’t have your full name on your LinkedIn profile)? But if you have a moderately popular account on apps like TikTok, which shows your videos based on people’s algorithms instead of people you know, there’s a chance a lot of strangers know who you are. There are databases anyone can easily access (legally) and while there may be people with your name if you give out which school you go to, the state you live in, what siblings you have, or even what your zodiac sign is, someone could narrow you down to a single person in that database. And when even your address is public knowledge (seriously, do a google search on yourself), there’s a chance you can get doxxed or stalked by a complete stranger. Keep some details to yourself and I promise you it’ll keep you a lot safer!
(I actually tried this out and for some reason, I couldn’t find a couple of people in multiple databases. Weird!)
- Don’t Click Sketchy Links.
-
Gen Z is more aware of these things but attackers send messages with links by the masses. Either that or some people use fake identities (surprisingly not a felony) to build trust with someone so clicking on a link seems a bit safer. Don’t click on a link in general if you don’t know who someone is because it could be a phishing link which may install viruses or malware. It could also be something like an IP grabber which can be generated using software, and you definitely don’t want that information out!
- Use Multi-Factor Authentication.
-
An attacker can use software to crack a single password, but what if they had to find out your password and also have access to your phone messages when you need a code sent to your text messages in order to verify it’s you? You’ve definitely encountered this when you logged into a google account on a new device. A lot of the time, multi-factor authentication is optional and I understand the laziness of clicking ‘no thank you’ but if you really want to keep yourself safe this method is basically foolproof.
- Keep An Eye Out For On The URL – Is It http or https?
-
Have you noticed that most official sites use https? That’s because https is encrypted, which means the data is ‘translated’ to not be barebones plain text. That and it also looks out for MITM (man in the middle attacks), so it detects when an attacker is accessing the information exchange between the application and user. For example, the colorado.edu address would give you a warning that the site may not be secure. Meanwhile http sites are simpler and usually aren’t as careful because they’re more lax about encryption. A general rule of thumb is also looking for how sketchy a site is :if there are ads everywhere and the theme looks like it hasn’t been updated since 2005, you might want to go somewhere else.
