Nonprofit campaigners are no stranger to trolling. But when it escalates to online harassment, threats, and doxing, this becomes a lot more stressful to campaigners who already have their hands full running campaigns and managing online communities. Unfortunately, many nonprofit teams aren't prepared in dealing with online harassment. In addition to taking screenshots of all harassing communications - texts, social media posts, emails, and reporting it to your manager, HR department and law enforcement, it's important to take proactive steps in protecting your passwords and data. Here's a few tips to get you started on the ladder.
- Password Length and Passphrase
Your password should be over six characters long (and here’s why). A six letter password can be cracked in less than 15 minutes, depending on the targeted system.
Think “passphrase,” not “password.” - No Password Patterns
Stop trying to remember all your passwords! Some people try to use memory tricks like cyphers and site name integration, but this can still be insecure if someone figures out your patterns. - Storing Passwords
Never, ever store all of our passwords in a plaintext file, in any location, anywhere, ever. - Security Questions
Choose security questions that are unique and unsearchable. And stop taking quizes that asks for your personal history about where you went to elementary school, the make of your first car, etc. and then posting the results on social media for the entire world to see. - Password Manager:
Use a password manager like 1password and Keepass (and it's open source) - Use Multifactor Authentication:
A method of requiring the person who wants access to an account to verify their identity in more than one way such as via mobile text, etc. - Multifactor Hard Mode: Yubikeys: Small USB dongles that are similar to a personal smart card. They allow you to “unlock” and access your online account with several providers including Google, Dreamhost, LastPass, etc.
- Physical Access: Wipe Data Securely and Remotely
Being able to revoke permissions and passwords is useful if a device that uses them becomes lost or stolen. Apple’s Iphone , Android, Windows Phone and Blackberry allows you to wipe your phone remotely.
-
Encryption and Tracking:
Install 3rd Party apps that can track, wipe, and encrypt your devices from a web interface such as Lookout Security and Prey
Thanks to the team at https://www.crashoverridenetwork.com/ for compiling many of the above resources.
COMMENTS