<img src="//bat.bing.com/action/0?ti=5065582&amp;Ver=2" height="0" width="0" style="display:none; visibility: hidden;">
Allyson Kapin 6 min read

9 Tips for Nonprofit Campaigners to Deal With Online Harassment

Nonprofit campaigners are no stranger to trolling. But when it escalates to online harassment, threats, and doxing, this becomes a lot more stressful to campaigners who already have their hands full running campaigns and managing online communities. Unfortunately, many nonprofit teams aren't prepared in dealing with online harassment. In addition to taking screenshots of all harassing communications - texts, social media posts, emails, and reporting it to your manager, HR department and law enforcement, it's important to take proactive steps in protecting your passwords and data.  Here's a few tips to get you started on the ladder. 
  1. Password Length and Passphrase 
    Your password should be over six characters long (and here’s why). A six letter password can be cracked in less than 15 minutes, depending on the targeted system.

    Think “passphrase,” not “password.”
  2. No Password Patterns
    Stop trying to remember all your passwords! Some people try to use memory tricks like cyphers and site name integration, but this can still be insecure if someone figures out your patterns.

  3. Storing Passwords
    Never, ever store all of our passwords in a plaintext file, in any location, anywhere, ever.

  4. Security Questions
    Choose security questions that are unique and unsearchable. And stop taking quizes that asks for your personal history about where you went to elementary school, the make of your first car, etc. and then posting the results on social media for the entire world to see. 

  5. Password Manager:
    Use a password manager like 1password and Keepass (and it's open source)

  6.  Use Multifactor Authentication:
    A method of requiring the person who wants access to an account to verify their identity in more than one way such as via mobile text, etc.

  7.  Multifactor Hard Mode: Yubikeys: Small USB dongles that are similar to a personal smart card. They allow you to “unlock” and access your online account with several providers including Google, Dreamhost, LastPass, etc.

  8. Physical Access: Wipe Data Securely and Remotely

    Being able to revoke permissions and passwords is useful if a device that uses them becomes lost or stolen. Apple’s Iphone , Android, Windows Phone and Blackberry allows you to wipe your phone remotely.

  9. Encryption and Tracking:
    Install 3rd Party apps that can track, wipe, and encrypt your devices from a web interface such as Lookout Security and Prey

Thanks to the team at https://www.crashoverridenetwork.com/ for compiling many of the above resources. 







Allyson Kapin

Allyson has been named one of "Top Tech Titans" by the Washingtonian, one of the Most Influential Women In Tech by Fast Company, and one of the top 30 women entrepreneurs to follow on Twitter by Forbes for her leadership role in technology and social media. As Founding Partner of Rad Campaign, she leads the firm's client and online strategic services. For over a decade Allyson has helped non-profit organizations and political campaigns create dynamic and award-winning websites and online marketing and recruitment campaigns. She works side-by-side with her clients to meet their web needs and maximize their online effectiveness to create real world impact.