Printer friendly page

Internet Security
Internet Security

In last week's 'Introduction to the Internet' tutorial, we looked at your options for obtaining technical and accounts/billing support in the event that you experience difficulties using services provided by BigPond(R).

This week we look at how to keep your Internet account secure from unauthorised access.


General notes

If you are new to the Internet, you may not be familiar with some of the concepts that this tutorial deals with. Don't despair! Keep a copy of this email so that when the concepts are covered in future tutorials, you can come back and re-read it in light of what you have learnt.

You can visit any of the Web sites mentioned in these tutorials by clicking on their names - your Web browser will automatically connect to and display the Web site. Make sure you are connected to the Internet first.

Alternatively, you can manually instruct your Web browser to connect to a Web site by typing its Web address in Internet Explorer's Address Bar - but you needn't include the "http://" portion of the address if you do.


How secure is the Net?

Computers networks are valuable tools. By connecting computers together, networks allow users to share information and resources quickly and efficiently. The Web, without doubt an incredibly useful tool, would not have been possible in the absence of computer networks.

Unfortunately, the easier and faster networks make it for users to communicate with one another, the greater the potential for security risks.

Why? Put simply: security and ease of use do not mix.

The Internet, like most computer networks, tries to maintain a balance between security and ease of use. Obviously, if users find it too difficult to communicate with one another, or access the various resources available online, they won't bother to use the Internet at all. Similarly, if the process of communicating is insecure, users won't go online for fear of exposing themselves to unreasonable risks.

Without doubt, some aspects of using the Internet are insecure. It is important that you are aware that, although not easy, it is technically possible for other people on the Internet to:

- read your email as it travels across the Internet.
- obtain your user name and password via unauthorised access to your computer.

However, you can take precautionary action to minimise or remove these risks. We will identify what steps you can take in this tutorial.


Passwords

When you registered with BigPond, you were asked to nominate a username and password that you must supply each time you connect to the Internet.

Your username identifies you to the BigPond service. Your password verifies that you are who you say you are, as only you should know your password.

Your username is "public" information - anyone that knows your email address knows your username (your username forms part of your email address, as we discuss in a subsequent tutorial).

However, you should keep your password private. Never disclose your BigPond password - it is an important piece of identification (on the same scale as your bank account PIN).

If someone knows both your password and username, they can connect to your BigPond account and masquerade as you online, run up your access fees, read your email...or worse. As with your bank account PIN, it is your responsibility to keep your BigPond password secure.


Changing your password

In addition to keeping your password private, you should change you password regularly (preferably at least once a month) to ensure its security.

You can change your password online, via the 'My BigPond Account' service on the BigPond Web site. Access the service by clicking the 'My BigPond Account' link that appears in the menu of services at the top left-hand side of the BigPond Web site, or go directly to

https://www.bigpond.com/mybigpond/default.asp

The 'My BigPond Account' service allows members to manage a range of account and billing functions. As such, it is located on a secure area of the Web site, and you must supply your current BigPond username and password before you can gain access to the service.

Once inside, click on the 'Change password' option, and then complete the Web form to change your password. To ensure that there are no errors when you enter your new password, you are required to enter it twice.

Click the 'Update' icon to change your password.

The new password will take effect immediately, so you must use it the next time you go online and when you next retrieve your email.


Choosing secure passwords

Secure passwords require more than secrecy. You also need to ensure that your password isn't easily guessable.

Human nature being what it is, people tend to choose "easy" passwords - passwords that are easy to remember, or short, so they are easy to type. However, "easy" passwords are insecure passwords.

The guidelines below will help you select a password that is both secure and easy to remember:

- The DOs

- Do choose a password that is difficult to guess, but easy to remember. One useful tip is to think of the name of your favourite song or movie, then use the first or last letters of each word in the title plus the name of the main actor/singer (e.g. The Sound of Music and Julie Andrews = tsomja).
- Do use a combination of letters and numbers in your password (e.g. bat4bob).
- Do change your password regularly.
- Do use a mix of upper and lower case (e.g. dWaf9ERp). Big Pond Home passwords are case-sensitive, which means that aPPle and Apple are treated as different words. You must enter your password exactly as you selected it, using the same upper and lower case letters each time.

- The DON'Ts

- Do not write your password down anywhere.
- Do not use your name(s), date of birth, maiden name, child or pet's name, or other obvious pieces of information as your password.
- Do not use any word that can be found in a dictionary (including foreign words).
- Do not use the same password for different services (i.e. don't use your BigPond Home password as your password on other Web-based services).
- Do not use any of the example passwords in this tutorial (or in any book or other tutorial you read on computer security) as your password.


Saving passwords

The dialogue box that appears each time you connect to the Internet (in which you enter your username and password) generally includes an option to 'save' the password, so you do not need to retype it every time you connect.

It is recommended that you DO NOT elect to save your password.

Although it might be inconvenient to type your password each time you connect to the Internet, doing so will prevent other users from accessing your account from your PC without your permission (such as while you're away from your PC or in the event it is stolen).


Disclosing your password to the Help Desk

The only time you should disclose your password to another person is when you contact the BigPond Customer Services Centre by telephone. The staff may need to know your password so they can access your account details when assisting you.

Only disclose your password to the staff if you contact them on the advertised contact number.

You will never receive an email from a BigPond staff member, or other BigPond employee, asking you to supply your password or credit card details. This is a dupe commonly used by computer criminals to trick users into disclosing their account details.

If you receive such a message, DO NOT RESPOND. Please forward it to
abuse@bigpond.com or contact BigPond to report the incident.


Secret Question & Answer

As mentioned, when you contact the BigPond Customer Service Centre for assistance, you may be asked to disclose either your password or credit card details to verify that you are who you say you are.

As a more secure alternative, you can nominate a secret question - one that only you know the answer to - that the staff can use to verify your identity.

Nominate a secure question (and the answer) via the 'My BigPond Account' service. To recap, you can access the service by clicking the 'My BigPond Account' link that appears in the menu of services at the top left-hand side of the BigPond Web site, or go directly to

https://www.bigpond.com/mybigpond/default.asp

Think carefully about the question that you nominate. Avoid obvious questions, like "What is my surname?" or "What street do I live on?", or questions that someone else knows or may be able to guess the answer to, like "What model was my first car?".


Email Security

In the event that you need to contact either the BigPond technical support or accounts departments via email, it is important to remember that email is not a secure communication method. As such, you should never include your password or credit card details in any email message. If you need to communicate either your password or credit card details, do so by calling the Customer Services Centre.


Printing this tutorial

To print a copy of this tutorial, click on the File pull-down menu and select Print.

Alternatively, you can use the Ctrl-P shortcut (Windows) or the Apple-P shortcut (Mac) (press the Ctrl or Apple button on your keyboard and, while holding it down, press the P key).

A print dialog box will be displayed (the same one you see when you print documents from your wordprocessor). Follow the onscreen prompts to print the document.


Unsubscribing from this tutorial

If you would prefer not to receive these tutorials, you can unsubscribe by clicking the following link:

http://telstra.com/tcoma/Subscriptions/unsubscribe.asp?PubID=43.
 


Users who viewed this answer have also viewed
 
•  You can't change your username or email address
•  Set up Outlook 2002 / 2003 (XP)
•  Turning Off User Account Control in Windows Vista
 
SEARCH OUR ANSWER LIBRARY
 


   Search Tips
 
  
About This Answer
 

 How helpful was it?

0%
25%
50%
75%
100%