As humans we all have unique patterns in our fingerprints, voice, face composition and eyes. These are unique to each of us and technologists have discovered that they can be used as our very own keys to unlock our digital devices or to access information. You may have seen facial recognition or fingerprints being used on mobile phones or the eye being used to unlock a secure safe in a bank in a movie. We can train a virtual assistant on our mobile phone using Artificial Intelligence to recognise our voice to unlock our phone and perform actions for us.
This area is known as biometric security. Biometric security measures the unique characteristics of a person’s fingerprint pattern, voice, face and iris or retina to identify patterns and match the unique characteristics. They are used as an alternative to PIN codes in mobile phones, to access buildings, in banking apps and for immigration purposes.
Tip: If you receive a prompt to update your device’s software you should do so as soon as possible.
How can I activate 2FA to protect my most important accounts?
You should activate 2FA now, starting with your important accounts:
- All online banking and financial accounts (e.g. your bank, PayPal)
- All email accounts (e.g. Gmail, Outlook, Hotmail, Yahoo!)
If you have a lot of email accounts, prioritise those that are linked to your online banking or other important services.
The steps for activating 2FA are different depending on the account, device or software application.
For more information on how to turn on 2FA read our step-by-step guides.
Tip: Check your backups regularly so that you are familiar with the recovery process, and ensure your backups are working properly.
How can I create a passphrase?
Create passphrases that are:
- Long: at least 14 characters long, using four or more random words. The longer your passphrase the more secure it is.
- Unpredictable: use a random mix of four or more unrelated words. No famous phrases, quotes or lyrics.
- Unique: not re-used across multiple accounts.
If a website or service requires a complex password including symbols, capital letters, or numbers, you can include these in your passphrase. Your passphrase should still be long, unpredictable and unique for the best security.
Tip: Always remember to never reuse a passphrase across multiple accounts.
- Lock your device with a passphrase, password, PIN or passcode. Make it difficult to guess – your date of birth and pattern locks are easy for cybercriminals to deduce. Use a passphrase for optimal security. You might also consider using facial recognition or a fingerprint to unlock your device.
- Ensure your device is set to automatically lock after a short time of inactivity.
- Don’t charge your device at a public charging station and avoid chargers from third parties.
Treat your phone like your wallet. Keep it safe and with you at all times.
Software and App Security
- Use your device’s automatic update feature to install new application and operating system updates as soon as they are available.
- Set the device to require a passphrase/ password before applications are installed. Parental controls can also be used for this purpose.
- Check the privacy permissions carefully when installing new apps on your device, particularly for free apps. Only install apps from reputable vendors.
- Enable the remote locking and wiping functions, if your device supports them.
- Ensure you thoroughly remove personal data from your device before selling or disposing of it.
- Turn off Bluetooth and Wi-Fi when you are not using them.
- Ensure your device does not automatically connect to new Wi-Fi networks.
How do I recognise scam messages?
It can be difficult to recognise scam messages. Cybercriminals often use certain techniques to trick you. Their messages might include:
- Authority: is the message claiming to be from someone official, such as your bank?
- Urgency: are you told there is a problem, or that you have a limited time to respond or pay?
- Emotion: does the message make you panic, hopeful or curious?
- Scarcity: is the message offering something in short supply, or promising a good deal?
- Current events: is the message about a current news story or big event?
Tip: Think Before You Click
- Think before you click on links on emails, websites and SMS.
- Always be sceptical of attachments you receive.
- If your browser tells you a website is unsafe, close it immediately.
Remember: No IT person, government department or business will contact you and ask for your login details.
* What information should I avoid sharing?
Avoid sharing information (including photos) online that cybercriminals can use to identify you, manipulate you through a scam or deduce your account recovery questions. This may include your:
- Birthplace and date of birth
- Address and phone number
- Employer and work history
- Where you went to school
Any other personal information that can be used to target you