Safe Computing

CSUB requires a second factor of authentication when loggin in, and the campus supported service is Duo Security. Multi-Factor Authentication (MFA) requires at least a second additional login step before you can access an account after proving your username and password. It combines something you know (your password) with something you have (a key or code), keeping you safer online. For more information on Duo and how to get set up, visit our CSUB 2Step page.

Don't select the "remember me" option on websites. Always logout when you're finished using your device, and let a password manager remember all your passwords and login for you next time.

Software updates contain important security and usability improvements. Always update browsers, apps and your operating system promptly so that old bugs don't give hackers a way into your devices.

Using HTTP means that anyone can spy on the data you're sending over the web, making it easier for someone to steal your username and password. Look for HTTPS for a secure connection on the web.

Keep prying eyes away from your computer and mobile devices with automatic lock screens, even if you're just stepping away for a few seconds or minutes. You can also set your screen to time out after a few minutes of inactivity and require a PIN or passcode to get back in to your device.

Before you download that app or sign up for that new website, read the privacy and permissions policy so you understand how it plans to store your data.

Limit the amount of personal information you share or provide. The following is a list of information that you should not post online:

• Address (city and state may be safe) do not post your Residence Hall, sorority house address or even your home address
• Your class schedule or where you work
• Social Security Number
• Birthday (if you do list it, post month and day only, and leave out the year)
• Cell phone number or home phone number
• Passwords or account information

Ask for protection beyond passwords. Many account providers now offer additional ways for you verify your identity before you conduct business on that site.

Combine capital and lowercase letters with numbers and symbols to create a more secure password.

Create unique passwords for every account to help to thwart cybercriminals.

Everyone can forget a password. If you don't have access to a password manager, keep a list that's stored in a safe, secure place away from your computer.

When available, set the privacy and security settings on websites to your comfort level for information sharing. It's ok to limit how and with whom you share information.

Change any default passwords on your mobile device to ones that would be difficult for someone to guess. Use different passwords for different programs and devices. Do not choose options that allow your device to remember your passwords.

Install updates for apps and your device's operating system as soon as they are available. Keeping the software on your mobile device up to date will prevent attackers from being able to take advantage of known vulnerabilities.

Attackers use wireless sniffers to eavesdrop on data-in-transit and steal users’ information sent over unsecured, open networks. Whenever possible, opt for a WiFi network that is protected by a password or account login. If you don't have those options, consider using a mobile hotspot or connecting through a secure VPN.

Wait to post pictures from trips and events so that people do not know where to find you. Posting where you are also reminds others that your house is empty.

To prevent theft and unauthorized access, never leave your mobile device unattended in a public place and lock your device when it's not in use.

Review and understand the details of an app before downloading and installing it. Be aware that apps may request access to your location and personal information. Delete any apps that you do not use regularly to increase your security.