I just started watching USA Network's drama Mr. Robot. Set in an incredibly near future that's all too similar to our present, it follows an antisocial network engineer who gets recruited into a shadowy organization whose Fight Club-esque mission is to take down the world's largest credit issuing corporation through digital attacks. It might sound a little cheesy at first (and it does admittedly have an incredibly cheesy premise) - but trust me, if you haven't watched it already, you'll be hooked after the first episode. I'll try to keep this as spoiler-free as possible, but the staggeringly realistic depiction of hacking in Mr. Robot actually holds some digital security truths that we can take note of in our daily lives. Here are 5 lessons we can learn from one of the best shows on TV now:
1. Use unique passwords.
Shockingly, "123456" and "password" are probably not the most secure passwords you could use. They're #1 and #2 on a 2015 list of the 25 most popular passwords. It goes without saying: if you use any of these passwords, change your password now, preferably to something random and hard to guess for anyone who knows you - even your wife's maiden name and the independence day of Sweden could be guessed from simple contextual clues. It can seem incredibly difficult to come up with a unique, hard-to-crack password, but this awesome comic by XKCD might help lead you in the right direction.
2. Choose uncommon security questions and answers.
Your mother's maiden name, first pet's name, childhood street you grew up on, and father's birth year - what do these all have in common? They're all standard password-security questions, and they're all incredibly easy to bring up in polite conversation. Choose questions that are further down that "security question" list, or if you're really paranoid, come up with keywords you'd associate with those questions rather than directly answering them. Oh, and if your bank calls to verify your identity, make sure it's them.
3. Don't put unknown devices, USBs, or CDs into your computer.
It sounds quite a bit like common sense, but don't put things you don't recognize into your computer. That's an easy way for hackers to surreptitiously install malware onto your devices, and all it requires is a curious mind. Consider this: a 2015 study revealed nearly 20% of subjects picked up a random USB drive lying out on the street and plugged it into their computers. You probably don't want that, unless you enjoy being blackmailed for your identity.
4. Don't share sensitive info over the web.
If your work or life requires you to share passwords and resources with others, do as much of that offline as possible. Putting your info in the cloud just gives it another vector for attack - but as fsociety has pointed out, if nothing leaves the room, there's nowhere else to get it.
5. If you can, use 2-factor authentication for your accounts.
This one isn't explicitly called out in the show, but if you have the opportunity, use 2-factor authentication for your accounts. Google offers it, as do many web-hosting services and other businesses. It's a process that verifies your identity through something you know (aka a password) and something you physically possess (like a code in a text sent to your specific phone number).
These are just a few ridiculously easy steps to make your online presence just a little bit safer. And really, if there's an easier target out there, wouldn't a hacker be looking for them?