6 ways for political campaigners to keep themselves safe online

A security button - CC0 Public Domain

“My social media account was hacked” has become one of the most cliched even-less-of-an-apology-than-a-non-apology-apology response by candidates and elected officeholders to embarrassing content being found online. But as the occasional bona fide case of real hacking or other cyber incident illustrates, taking online security seriously is now a must.

Here, then are some simple tips on what you need to get right if you hold public office, are seeking public office or otherwise help run a political party or campaign.

Have good passwords

A surefire way to feel depressed about the ability of humanity is to read the lists of the worst passwords used by people. We humans are dumb.

Instead, pick good passwords and – crucially – have a different password for every system, so that if one account is hacked this does not put at risk all your other accounts. Password safes are the way you can manage this, letting you have unique passwords but without the headache of having to remember them all.

Use two-factor authentication

Don’t just rely on a password to secure an account. Turn on two-factor authentication – which means you have to take a second step to login, such as getting a numeric code sent to you by text message or from an authenticator app on your phone.

This was my 2014 new year resolution, thankfully, as it makes your systems much safer than simply relying on a password, however good that password is.

Here’s Tom Scott explaining what it’s all about in case you’re wondering why simply relying on a password isn’t good enough:

Beware phishing

This, a variant on the con tried out by Samuel Pepys, is the crime, art and science of sending you a fake message which looks genuine enough to con you into entering your password into a fake system, handing it over to someone who then uses it to access and abuse your account. Variants on this include luring you into clicking a dodgy link that results in malware being installed on your computer. Either way danger, if not doom, follows from your click.

Google’s phishing quiz is a good way to hone your skills at spotting the fakes in your inbox.

Keep backups

Things will go wrong from time to time. You will at some point need to recover from a mistake such as the wrong thing being deleted. Which is why you need to keep backups, including for your Twitter account if you have one.

For both Macs and PCs, I recommend Backblaze.

Close your old accounts

Having defunct accounts hanging around online brings security risks. So if you’ve stopped using something, close it down.

If one of your social media accounts really is hacked

React sensibly.

Leave a Reply

Your email address will not be published.

All comments and data you submit with them will be handled in line with the privacy and moderation policies.