It seems like every week, we hear about a new data breach involving passwords, and as frequent targets of digital attacks, journalists are at particular risk. Most online attacks, however, aren’t fancy. Attackers most commonly try to access your accounts by guessing short, predictable passwords, or by sending phishing emails designed to trick you into sending them your credentials in a malicious login webpage. Fortunately, the defenses are also simple. These guides and resources will help you learn how to protect information in online accounts.
One of the most common security threats journalists face is phishing—convincing you to enter your real credentials, in a fake login form. Read about how to identify hints of phishing, and some simple defenses.
One of the best, and easiest ways to strengthen login security is by enabling two-factor authentication. This just means requiring a second piece of information beyond your password. This guide describes the strategy behind two-factor authentication, a few common types of two-factor authentication methods, and how to set it up step-by-step.
We know from publicly-available data breaches that many people use short, predictable passwords, and this introduces unnecessary risk to account safety. This guide introduces three ways to create more secure, and hard-to-predict passphrases — passwords composed of memorable codes and random words.
Most people use one or a small number of passwords across multiple websites. The problem is that, if one website you use suffers a password breach, hackers can reuse your password on other websites as well. Password managers help solve this problem by making it easy to generate long, unique passwords across every website, so that if one password is breached, the breach is isolated to just one website. Many password managers even allow you to automatically fill out your credentials on web browsers and your smartphone, making sign-in faster, easier, and more secure.
If you are experiencing a digital security emergency, Access Now offers a free, 24/7 digital security helpline for journalists, activists, and other civil society actors in nine languages.