🔐 Best Practices for Online Safety
The security of your online accounts depends greatly on your personal diligence. Always treat your login credentials, including **passwords** and **multi-factor authentication codes**, as highly sensitive information.
Using Strong and Unique Passwords
A strong password is at least 12 characters long and includes a mix of uppercase and lowercase letters, numbers, and symbols. The most critical rule: **Never reuse passwords** across different websites or services. Use a reputable password manager to help you generate and store unique credentials securely.
Multi-Factor Authentication (MFA) is Essential
MFA adds a critical second layer of protection. Even if a bad actor obtains your password, they cannot access your account without the second factor. We highly recommend using an **authenticator app** (like Google Authenticator or Authy) over SMS-based codes, as SMS can be vulnerable to certain attacks (e.g., SIM swapping).
Recognizing and Avoiding Phishing
**Phishing** attempts often involve deceptive emails or websites that try to trick you into entering your login details. Always check the URL in your browser's address bar before entering any sensitive data. Legitimate sites will have the correct, verified domain name and a **lock icon** indicating a secure connection (HTTPS). Never click on suspicious links or download unexpected attachments from unknown senders.