1. Password Security
1.1. Don’t use common words, period! Or something equally predictable onto a common word. It is a fact that about more than 20% of all passwords are easily guessable. Example: 12345, QWERTY, your name, your birthday, etc. Hackers have dictionaries of these words and only they need to look up your password with their dictionaries to find out your password. They can do this in few minutes. If you’re doing like this then you are a hacker’s best source of entertainment.
1.2. Don’t reuse the same password across two or more sites. Make your e-mail password different from your Facebook password, and so on. If someone manages to get one of your passwords, then they can access to ALL your accounts if they use the same password. Because If I hack your Gmail account password I’m going to assume you used this password for your Facebook account also.
1.3. One of The best ways to prevent someone from getting your passwords is to have a strong password. The passwords should contain 8+ characters long, contain at least 1 capital letter, and contain at least 1 number and special character.This will make almost all the hackers impossible to brute force your password. The Brute forcing is nothing but, a hacker runs a program that tries every letter/number/symbol combination to guess your password. If you follow these tips for a stronger password, it will take years to brute force your password.
2. Wi-Fi Security
Another way your accounts easily hacked is by being connected to an insecure Wi-Fi, or connected to a Wi-Fi with an easily hacked password.
2.1. Avoid using free public Wi-Fi. Anyone connected to the same Wi-Fi as you with and have access to any account you log into, like Facebook, YouTube, online banking… anything. Only access accounts using Wi-Fi networks that you trust.
2.2. DO NOT use WEP for your router security, use WPA or preferably WPA2. WEP keys are extremely easy to hack.
2.3. If your router has WPS enabled (wireless protected setup), DISABLE IT. An exploit allows WPS to be cracked pretty quickly allowing the attacker to figure out your WPA2 key.
3. Use original operating systems and keep it up to date.
4. Install good antivirus software and keep it up to date. Also, install a good anti-spyware to keep spyware away from your computer.
5. Make sure that your firewall is enabled.
6. Avoid using any public computers or internet cafe to access any sensitive/confidential information, transactions like Internet banking, online shopping etc. Because these systems may be infected with some of the Virus, Trojan, Spyware etc.
7. Always try to visit known and trusted websites.
8. Always click the "log out" button to close your login session rather than simply closing the browser window. Also, clear your web browser caches after every session to remove the temporary files stored in the memory and hard disk of your PC.
9. Before you’re going to enter your password on any login page, make sure that you can see HTTPS instead of HTTP in your browser’s address bar.
We may wonder what is the difference between HTTP and HTTPS ..?HTTPS protocol implements SSL (Secure Sockets Layer) and provides better security than a normal HTTP. Secure Sockets Layer (SSL) is the most widely used technology for providing a secure communication between the web client and the web server. Most of us are familiar with many sites such as Gmail, Facebook etc., using HTTPS protocol on their login pages. When we see this, we may wonder what the difference between HTTP and HTTPS is. In simple words, an HTTP protocol is used for standard communication between the Web server and the client. HTTPS is used for a “Secure communication”.
10. Beware of phishing !, Phishing is a way to capture your information such as usernames, passwords and credit card details, so Do not respond to any emails that request you to update your login details by clicking on a link in the body of the email. Such links can lead to Fake Login Pages or Spoofed Pages. It looks and feels almost identical to that of the original websites. "BEWARE"