Virginia Tech® home

7 simple steps to stay secure

student using laptop outdoors on campus
Danny Sharp, a freshman general engineering major, relaxes on his computer in between classes.

Improving your online security doesn’t have to be complicated or time-consuming. Some of the most effective defenses are simple to do. 

1. Use 2-factor authentication.

2-factor authentication (a.k.a. multi-factor authentication)  adds a security layer in the event someone gets your password. Virginia Tech requires 2FA to log into most university services, and more businesses are offering 2FA — so if it's an option, use it! 

2. Keep your software, apps, and operating systems up to date.

Updates contain important “patches” to fix security vulnerabilities that are discovered. Skipping updates leaves you more vulnerable to a cyber attack. Most devices let you enable automatic software and app updates. Also, check your computer's privacy and security settings to make sure your firewalls are on.

3. Make strong passwords.

Your job here is to make your passwords difficult and time-consuming for humans and bots to guess.

  • Use at least 12 characters - the longer the better. 
  • Don't reuse passwords across accounts; that way, if one gets compromised, your other accounts aren't affected. Use a password manager so you don't have to remember them all. 
  • Here are more password tips to follow.

4. Think before you click!

Scammers like to cause panic (your account has been disabled!), make tempting offers (click to get a free $1,000 gift card), or impersonate authorities like the IRS or police to pressure users into sharing personal information or clicking on links that contain malware without thinking first.

If you get an email, text, or call you’re not expecting, or if anything seems off about a message: 

  • Don’t respond. 
  • Don't click links.  
  • Don't open attachments
  • Do follow advice for how to spot a phish.

5. Take caution when using WiFi.

Many public Wi-Fi spots are not secured, so it’s best not to use them, especially for transactions that involve personal or financial information. If you can’t avoid using public WiFi, consider using a virtual private network (VPN), which essentially creates a secure connection over top of a network.

6. Be careful what you share online.

It's easy for others to learn things about us on social media: where we live, frequent hangouts, even family members' names.

  • Opt out of displaying your location on apps.
  • Make personal social media accounts private to limit who can see your profile. 
  • Heed the advice you’ve heard over and over: if you aren’t okay with the whole world seeing it, don’t post it online.

7. When in doubt, report the incident.

If you suspect you’ve been hacked, stop using the affected device, disconnect it from WiFi and data networks, and report the incident.

  • Report phishes to your email service. If the phish appears to come from a Virginia Tech person, also report the incident to the IT Security Office . 
  • Report suspected malware or other issues affecting Virginia Tech computers or accounts to the IT Security Office.
  • If your home computer or phone has been hacked, change your passwords and enable 2FA for your accounts. You may also need to contact your bank to enact a fraud alert, or wipe your phone or hard drive. You may also consider reporting the incident to a federal authority.