Every day should be Safer Internet Day

It’s time to start managing your passwords.

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Every day should be Safer Internet Day

I didn’t notice, but apparently yesterday – February 5th – was Safer Internet Day.

Personally, I think every day should be considered Safer Internet Day. You need to take online security and safety seriously every day of the year, as you never know when you might fall for a scam, find yourself being phished, or duped into opening a malicious file attachment.

Due to the nature of my work, travelling around the world giving talks about hackers and cybersecurity, I find myself regularly being asked for advice (normally, it seems, by taxi drivers to and from airports) as to what they can better do to stay safe online.

Sign up to our free newsletter.
Security news, advice, and tips.

So, here are my top five tips for staying safe online:

  1. Use a password manager.
  2. Use a password manager.
  3. Use a password manager.
  4. Use a password manager.
  5. Use a password manager.

Once you’ve mastered those top five tips for your online security, you can move on to the advanced course.

  1. Enable two-factor authentication

Password managers are fantastic tools. They can:

  • Generate strong, hard-to-crack passwords for you. (rather than you rely on your puny human brain to dream one up)
  • Remember these complex, long passwords for you.
  • Ensure that your passwords are all different. If you don’t, you’re opening yourself up to the threat of hackers using the login credentials they’ve stolen from one site against one of your others.
  • Warn you if your password is one that has been seen in a past data breach.
  • Prevent you from entering your passwords on a phishing site.
  • Store things other than passwords which you may not want to lose – such as your passport information or bank account details.
  • Securely store all of this sensitive information in an encrypted vault meaning that only you can access it.

When I explain it to folks, they normally get it.

But there will always be the occasional skeptical person who will (quite rightly) wonder if it’s safe to entrust all of your passwords in a password manager. I actually love that people think of this question, and it’s a good sign of just how smart taxi drivers are around the world that they think to ask it.

My belief, however, is that you are considerably safer storing your passwords in a password manager than relying upon your little grey cells to conjour up strong, unique passwords for every single online account you have and remember them. I use a password manager, so should you.

Stay safe on Safer Internet Day+1 and beyond, and get a password manager.

Then we can start talking about two-factor authentication.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

7 comments on “Every day should be Safer Internet Day”

  1. Malik

    So far I have just been using an Adobe Acrobat pdf with 256 bit encryption and a password. Literally all my login information is in it. Three copies, three locations. Pain in the butt to have to update then replace files, but it's worked so far. Out of curiosity, is there a password manager you recommend for Windows users that would not make me scared to take the leap?

  2. George Harrison

    Hi. I am all in favour of internet security and I do not use the same password on multiple sites and I use 2FA. I also use a VPN, and this is the problem. I have discovered that I cannot access my on-line banking when the VPN is turned on, but I can when it is switched off. But surely, the one time I really need to have a VPN is when I am making contact with my bank. Please can you explain?

    1. I think you should be asking your bank for the explanation of that one…

      Possibly they're doing it as a "security measure" to prevent hackers from overseas accessing your account, but really the bank will be the ones to ask.

  3. Finbar

    Hi Graham

    I currently use my grey matter to retain my passwords but as I have passed the half century I am starting to wonder about the disk reliability and as swapping out the storage is not presently feasible due to the proprietary nature of the device – Is there a Password manager that you would recommend ?
    My fear is that if the password Manager gets hacked or worse suffers data loss from a disgruntled employee, my entire life will be exposed to the entire web…… which has stopped my moving over to one before
    I currently use iOS and windows

    Thanks

    1. Graham CluleyGraham Cluley · in reply to Finbar

      I personally have used 1Password for some years. Very happy with it.

      But I also know people who swear by LastPass, Dashlane, and BitWarden – so you could give them a try too.

      The major password managers take security pretty seriously – it's a much better bet than relying on your puny human brain. Just make sure you choose a strong master password!

      1. Spryte · in reply to Graham Cluley

        Well can you recommend something that will cover Windows, Linux, iOS9 (for my old iPad2) and Kindle Fire?
        I have a version of Sophos Security on my iPad which will generate a KeePass compatible file but I have yet to find something to use it on as it has very steep learning curve and the poorest documentation I have ever found.
        Now my passwords are in an encrypted spreadsheet on my Windows box and a copy on OneDrive… but if I lose the (Windows based) encryption programme I'd be lost.

  4. coyote

    I'd throw in a couple other things that are vital:

    (1) backups (and disaster recovery plans). Secure backups.Redundant backups and redundant storage is also a wise idea.

    (2) Stop blindly trusting. This does mean thinking before acting which is difficult for a lot of people to do but it's a good thing to learn how to do.

    And I would extend your idea of 'Safer Internet Day' every day to be 'Safer Day' full stop. People should be far more careful in every way. But when it comes to physical safety or the safety of those you care about (and if you're a good hearted person everyone) this is even more important.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.