Bad cyber hygiene will cost you more than your social life

Bad cyber hygiene will cost you more than your social life
© Getty Images

You make conscious decisions about it each day. The people you interact with have the same decisions to make. Like you, they decide whether or not to take risks.

Some employers will talk about it and maybe even require mandatory training on it. But, what you do at home is your own decision. Sometimes, you even decide that the way you are at home is the way you are going to be at work. You decide how to handle your own hygiene.


This is not about the person next to you on the bus or metro that did not shower. This is not about that one person at work that insists on coming in even when they are obviously sick. This is not about your personal physical hygiene, this is about your personal cyber hygiene.


You can focus on three major areas to improve your personal cyber security and mitigate some threats to you and others. If you're worried your cyber hygiene stinks, try using this mnemonic device: PEW, which stands for passwords, email and WiFi.

1. Passwords

First, change all your default passwords. Do not use simple phrases, important dates or people’s names. Your passwords should be at least 12 characters in length and should be a mix of numbers, letters (upper and lower case) and characters.

Remember that using a blank space counts as a character. It is not clever to substitute characters and numbers for letters while still making a word, like "Pa$$w0rd," for example. Do not use simple keyboard patterns, like "1qazZAQ!" or "1qaz2wsx#EDC."

Some possible techniques include mixing languages or using long phrases. Change your passwords on a regular schedule and do not use the same password for every account. Your social media password should not match your banking password. Finally, do not ever write your passwords down on a sticky note and put them on your monitor or under your keyboard.

2. Email

Like regular mail, you should read your email in its entirety before taking any action. Even if you recognize the sender, be careful with attachments and links. Run a virus scan on all attachments. Before clicking a link, check the URL for errors.

Some nefarious entities will substitute similar letters in URLs, such as I for an l (PaypaI vice Paypal). If you click on that link, you could go to a site that looks like a regular site, but all it is doing is logging your personal information to use on the real site.

It is unlikely that you have a long-lost rich uncle in a foreign country. Do not believe emails that promise a reward for free or for sending a small fee. Check the email for typos and other irregularities. If you receive emails like this, block the sender and delete the email.

Finally, do not forward emails that promise fortune if you will just send them to 10 of your friends. There is no science in that, and you will likely just infect your friends.

3. WiFi

If you use public WiFi, you should minimize what transactions you do. Unless you take precautions to encrypt your data, do not conduct financial transactions on public WiFi. Visit sites that use https in the URL because those sites encrypt your session on their site.

You can also use a virtual private network (VPN) to secure all of your activities on public WiFi. Some sites offer free VPN accounts if you do not have access to one through your employer.

Your home WiFi should also be secured. Do not name your router something obvious like your name, your address or other easily identifiable names. If your internet provider issued you a router with the password printed on the side, change it immediately.

The password for your router should follow the same conventions discussed above. If you allow people outside of your immediate family to use your WiFi, set up a guest account for those users. When they no longer need it, change the password.

You choose how to deal with risk each day. Do you sit next to the person on the bus or metro that is obviously sick or do you choose a different seat? Do you choose to use your spouse’s name and birthday as your password or choose a more difficult password? Do you click on the link before making sure it is taking you to the site you are supposed to be visiting?

There are over 3.8 billion people on the internet right now, how do you want to control your interaction with them? Remember PEW and maybe your hygiene will be better and your interactions will be less prone to infection. 

Lt. Col. James Coughlin is an Air Force officer currently serving as a National Security Affairs Fellow at the Hoover Institution at Stanford University. He is an Air Force cyberspace operations officer and holds a BS in Information & Decision Sciences, a MA in Special Operations/Low Intensity Conflict, a Masters of Military Arts and Sciences in Strategic Studies and is working on a Doctorate in Education Leadership and Management. The opinions of James Coughlin are his own and do not represent the options of the Hoover Institution, Stanford University, the United States Air Force or the Department of Defense.