
Cyber Smart Week: Four simple steps to staying secure
It only takes a few minutes to upgrade and update your devices and passwords to stay safe online.

Do you reuse the same password for multiple websites? Why have you got a curious friend request from someone on social media you’re already friends with? It’s time to strengthen your cybersecurity and here’s how.
If you’re thinking you should really get around to tightening up your cybersecurity but just haven’t got around to it, you’re far from alone.
In 2020, a joint survey by Cert NZ and the Ministry of Business, Innovation and Employment found 60% of respondents were concerned about the security of their online personal and payment information.
However, the survey also found many consumers weren’t doing enough to stay safe – such as using two-factor authentication (2FA), proactively changing passwords and using a password manager.
With banks, NZ Post and even the MetService being attacked by hackers this year; cybersecurity has never been more important.
This week is Cyber Smart Week. It only takes a few minutes to update your details and devices and be protected.
Upsize your passwords
Bigger is better when it comes to passwords.
Make them long, complex and hard to guess. Don’t choose a short password for convenience or reuse the same one on multiple websites. A strong password contains upper and lower case letterers, numbers and punctuation.
If you have trouble remembering passwords, try making them a catchy phrase of four or more random words, with a mix of numbers, letters and symbols (for example, “AutumnStr0ngPasswordP1zza!”).
A password manager is an easy way of storing and generating complex passwords.
See our test of password managers to find the best for you.
Upgrade to two-factor authentication
Two-factor authentication (2FA, also known as two-step verification) is when an additional code or password is needed to login to a service, but it’s not one you create.
A 2FA code is sent to you via text message or email or generated by an authenticator app (you need to set this up first). You’ll need to enter this code when prompted to get in. This code means someone can’t login, even if they have your username and password.
You should upgrade your logins and use this extra protection whenever possible.
Many services – from bank accounts to email and even social media – offer and encourage two-factor authentication.
For more on two-factor authentication, see our password managers buying guide.
Update apps and devices
Updating your devices and apps is the easiest way to fix security bugs and keep out viruses. If there’s an update available for your device or an app you use, it could mean there’s a vulnerability being exploited by attackers. Update as soon as possible.
For example, last month Apple encouraged users to update their iPhones, iPads, Macs and Apple Watches smartwatches to patch a security vulnerability that was being actively being exploited.
Don’t forget to keep your security software updated as well. See our computer security software reviews to find the best program.
Uphold your privacy
The best thing you can do to protect your privacy online is don’t over share. Take control of your online privacy by turning off any settings that share your details.
On social media this means checking your sharing settings, such as displaying your date of birth and your friends list visibility, are set to private or “Friends only”. This can stop your accounts being cloned or mined for data.
Also avoid sharing posts that ask for personal information in disguise. These posts often ask for information commonly used in security questions – such as your hometown or grandmother’s maiden name. This information can then be used to hack your accounts.
Other tips to keep cyber safe
- Use a Virtual Private Network (VPN) when connected to unsecured or public WiFi.
- Don’t reply to unsolicited emails.
- Don’t open attachments or click links on emails from people you don’t know.
- Don’t open links from unsolicited text messages.
- When paying online make sure the website is secure by checking the URL (web address) starts with “https” and there’s a padlock in the URL bar on your browser.
Check out our article about scams and how to avoid them.
Report scams and cyber attacks
It can be devastating to realise you’ve been hacked or scammed, but by reporting them you can help prevent others from falling victim.
If you’ve been scammed, act immediately:
- Contact your bank and the police.
- If you’ve downloaded anything, don’t use your machine.
- Contact NetSafe for advice on how to ensure your computer is safe to use.
Report any other cybersecurity issues, such as hacks, to Cert NZ.
Member comments
Get access to comment