On this episode of the Digital Citizen podcast, Troy Hunt, creator of Have I Been Pwned?, talks to Fastmail CTO, Ricardo Signes, about engaging in good cyber hygiene.

Troy shares how he landed a career in security and talks about his workshop, Hack Yourself First. You’ll also learn what cyber hygiene is, a concept that everybody who uses the internet should have a grasp on. RiK and Troy also discuss the advantages of passwords, the benefits of utilizing a password manager, and the red flags that often indicate phishing scams online.

▶️ Guest Interview - Troy Hunt

• Follow Troy Hunt on Twitter - @troyhunt
• Try Have I Been Pwned? today!
• Learn more about Hack Yourself First
• Check out Troy’s blog
• Learn more about how Fastmail keeps your data safe

🗣️ Discussion Points

• Troy began his career as a software developer. Sometime later while running Pfizer’s application architecture, he began noticing recurring bad code. Rather than writing the same email over and over, he decided to create a blog post on the topic aimed at developers. This is where his career pivot towards security began.
• Passwords have one major thing going for them, which is that everybody understands how they work. You are better off using a new, different password when creating accounts on different sites. Password managers, such as 1Password, are great tools to help you keep track of passwords and other confidential information.
• While those of us who are building systems need to lead people down the path of success, users also have the responsibility of maintaining their own cyber hygiene. Good cyber hygiene includes things like choosing strong and unique passwords and turning on two-factor authentication.
• When it comes to phishing, a key indicator of a fake site is a misspelled URL. Luckily, some platforms very obviously display phishing warnings if you happen to click on a fake website.
• Comparing the severity of data breaches ranging from household lighting to bank accounts. IoT devices have massively expanded the surface of risk and expose classes of data which had never been digitized before.
• Troy’s workshop, Hack Yourself First, is primarily for developers and teaches participants how to hack themselves first. This gives them the opportunity to see how fraudsters actually operate and identify the areas they are most in need of extra protection.

⭐️ Takeaways

• You are better off using a different, unique password on every site.
• Password managers aren’t just for passwords, but can securely store other sensitive information.
• Cyber hygiene is important. We should think about what kind of passwords we’re using, if we have turned on two-factor authentication, and what information we are giving to websites that they don’t actually need.
• Hack Yourself First workshops are a great opportunity to discover potential vulnerabilities and learn more about how hackers operate.

🔵 Find Us

• Send us a question for our bonus episode
• Digital Citizen Website: fastmail.com/digitalcitizen
• Check out our blog
• Tweet us @Fastmail

💙 Review Us

If you love this show, please leave us a review on Apple Podcasts or wherever you listen to podcasts. You can also take our survey and send us a question for our bonus episode.