Some important web security tips!
Cross post:
This article is for any internet user!
Don’t use easy to guess passwords. Use a password manager. I would say, even you should not know your password!
Do NOT display password in plain text anywhere!
Always use MFA — Multi Factor Authentication! I would write a separate article about various MFA techniques, strengths and weaknesses. And separate articles for web developers.
Always look for https when submitting sensitive information. Nowadays, this is a lesser threat because most websites are using https, but in some very rare scenarios some websites have no SSL but prompt for password. I came across one such website in the past 6 years. Don’t want to discuss the details, but contacted the owner and suggested some free alternatives such as Let’sEncrypt.
Do not connect to public wifi, use VPN.
Even private wifi, use VPN as much as possible.
Some websites such as FaceBook, Outlook, GMail allow verifying current sessions and activities. Review periodically.
Change passwords periodically.
Stay safe and thwart the hackers!
