Best Practices for Work and Personal Online Security

Best Practices for Work and Personal Online Security

Best Practices for Work and Personal Online Security

As more people and businesses use online services, more entities become available for cyber criminals and hackers to target.



Most computer infections are caused by people downloading and running the virus themselves; i.e., being tricked. These infections come in all shapes and sizes. For example:

  • In email attachments that say they're invoices, parking tickets, or legal judgments.

  • A website will say you need to update software in order to use it.

  • As a part of other programs you download and run from disreputable sites.

  • You're told you have an infection and you need to do something to fix it.

  • Some viruses, when they infect computers, will email themselves to everyone in someone's address book. You can't trust even files you get from friends unless you were expecting them and the email makes logical sense. If in doubt, always reply back and ask.

Never download files or run software that isn't something that you were specifically looking for. The software you do get must be from a link on the original company's website that you searched for and verified as real. When you do install software, make sure you read every option it gives you - oftentimes installations will bundle unwanted software with what you actually want.


Overtime we've learned to use passwords that are difficult to remember, but easy for computers and hackers to guess. This does not have to be the case. There are simple steps to follow that show how to create strong passwords that are also easy to remember.

First, what not to do:

  • Re-use passwords adding new/sequential numbers at the end.

    • GeauxTigers1, GeauxTigers2, GeauxTigers3, etc.

  • Use common/easy-to-guess passwords.

    • 12345678, password, qwerty, football, baseball, abc123, 111111, letmein, passw0rd, welcome, etc.

  • Use words found in the dictionary, even if they are slightly altered (e.g., replacing a letter with a number).

  • Include a word or phrase of special importance to you like a birthday, telephone number, or even social security number. This is not always private information and can be easily discovered by someone doing a little digging. Remember: If a piece of information is on a social networking site, it should never be used in a password.

  • Use the same password for more than one account, especially for financial accounts.

How to make a strong password:

  • Use a password manager app.
    These work by having you remember just one very strong password that's used to access all your accounts' unique passwords which are generated by the password manager app (these generated passwords can look like this: aae-yJE-Vgr-XbR). Password manager apps make you less vulnerable online by generating strong random passwords each time. Think of password manager apps as a post-it note for your passwords - except it is not left on your desk, visible to everyone, and the passwords are generated to be very secure and hard to guess.

    • iPhones, iPads, and Macs have a free built-in strong password manager app called iCloud Keychain

    • The following apps work with iPhones, iPads, Macs, Android devices, and Windows machines

      • LastPass offers both a free version and a "premium" version as a subscription

      • 1Password is subscription-based

      • Dashlane is also subscription-based

  • Use multi-factor authentication when available.

    • Not every website/app/service offers this, but if they do it can usually be found in their settings > password/security section

    • This works by logging in normally, but is immediately followed by a prompt to enter another form of identification such as a PIN sent to you via text or email.

  • If you must create your own password, follow these tips:

    • Use at least 8-characters.

    • Use a description or short phrase mixed with numbers and characters.

      • E.g., think of a memorable picture and describe it with four words:

      • E.g., string multiple nonsensical words together such as "correct" "horse" "battery" "staple": C0rrectHorseB@tteryStaple

    • Use a complex sentence to create an easy to remember pseudo-acronym.

      • E.g., "My dog was born in New Orleans, Louisiana on July 16th" could become MdwbiNO,LAoJ16

      • E.g., "The Office starts at 8:00 PM on Tuesdays and Thursdays." could become TO@800PMoT&Th

      • E.g., if your children are named Henry (born 1984), Catherine (1986), George (1990), and Jennifer (1992), your password could be Hecageje84869092 (the first two letters of each name combined followed by their birth years).

With this information, you can easily cut out the majority of security risks we face in our internet-driven, everything's-connected society.