Your privacy and sensitive data is important. Here are some security tips you might consider to protect your account from exposure.
We highly recommend to use a strong password. While simple passwords might be easy to remember, they are more vulnerable to all kind of different attacks. If the password is weak it might not even need some programming skills or software to crack your password. The longer and more complex the password combination is the more effort, time and skill it will take for an attacker to reveal it.
Password length is by now considered the most important factor for password security. The longer the password is the longer an automated algorithm will take to crack it.
You can strengthen your password by adding complexity to it. This is done by using upper letters, lower letters, numbers and special characters.
Phrases can be used to make passwords easy to remember and strong in length. A phrase can be for example a sentence.
You should never share your password with anybody or use shared passwords with others. The risk of a possible exposure just multiplies with every person who knows your password.
It is good practice to change your password once in a while. However the password should then be a totally different one and not follow the same pattern as the last password. However updating a password should not reduce the strength level.
It is tempting to use the same password for all applications, but it is a bad choice. You should always use different passwords. If you always use the same password it means that somebody could get access to all your sensitive data and applications.
It is the best practice if you can remember all your passwords (for example by using password phrases) with your own memory and not write them down or store them somewhere. If you plan to backup your passwords in case you can not remember it, you must consider the security of your backup solution as well. By making a backup, you will create a copy of your password. This increases the chance of an exposure.
On your password creation we support the following special characters
| character | title |
|---|
| Exclamation mark | ! |
| Number sign | # |
| Dollar sign | $ |
| Percent sign | % |
| Ampersand | & |
| Left parenthesis | ( |
| Right parenthesis | ) |
| Comma | , |
| Hyphen-minus | - |
| Full stop | . |
| Slash | / |
| Colon | : |
| Question mark | ? |
| At sign | @ |
| Left Square Bracket | [ |
| Backslash | \ |
| Right Square Bracket | ] |
| Caret | ^ |
| Low line | _ |
| Left Curly Bracket | { |
| Right Curly Bracket | } |
| Tilde | ~ |
It is best practice to not open any of your sensitive applications from public devices. You never know who is listening. It is possible you might be asked to save your password inside the browser. If you do this from a pubic device anybody with little skill can get your password.
If you prefer to save your password inside the browser you should only do this on devices where only you have access to. The password will be accessible inside the browser for everybody who uses the device.
Remember me is a convenient way to just always be logged in. This function is convenient but bears security risks. You should never use this function on any public devices or devices where others have access to. If you consider to use the remember me function you should only use it on a device that only you have access to.
If you are done with your session just lock out of your account. That prevents that somebody who might have access to your device can just continue the session without your awareness.
Two factor authentication (2FA) is a good way to add an extra layer of security to your account. To access an account you will normally only provide some kind of user identification and your password. By using 2FA authentication you will have two authentication steps instead of just one. The 2FA authentication might be a pin or short code which comes from a separate device or from a smart phone app. That means that even if somebody got access to your password it will not be possible to access your account without having access to the 2FA authentication device as well. You must make sure nobody else has access to your 2FA devices. If somebody gets access to them it is easy to retreat codes and get access to your sensitive data.
Email addresses are commonly used to identify a unique user and confirm some kind of existence or trust. The idea is that one email address will only belong to one person. When you registrar a new email address you must chose an email address that nobody else has. The same as you secure your application accounts you must secure your email access. If your email address can be accessed by others your application accounts might be exposed by building fake trust. We recommend as well that you do not subscribe to unnecessary email newsletter or share your email address with parties you do not trust. If others know your email address they already know one part of your identity.
Beside email addresses, mobile phone numbers are a regular method for identification. You must secure your devices and make sure nobody has access to them. If others can access your device, they might catch short messages and misuse them to steel you identification and trust.
If you do not need your account or subscripton anymore in the future you should terminate it. This will protect your privacy.
