Managing your passwords
With so many online services (banking, social networking, messaging, e-commerce...), it's tempting to manage your passwords too simply (identical passwords, a common root, simple passwords...).
Such a practice is dangerous and compromises your access security.
Here are a few best practices to adopt in terms of password management:
Use a password that is sufficiently long (at least 12 characters), complex (mixing upper and lower case letters, numbers and special characters) and different for each service,
Use a password that is impossible to guess (simple logical sequence, containing personal information available on social networks, etc.),
Never give your password to a third party. No serious company will ask you for your password,
Use a password manager (such as https://keepass.info/, free software certified by Anssi, but other tools exist). Avoid using the password managers supplied with web browsers,
Don't use your passwords on a shared computer,
Finally, as soon as the platform you're using allows it, activate double authentication (also known as MFA, multi-factor authentication, two-step verification, etc.).
Update your terminals regularly
All operating systems (Windows, MacOs, Linux, Android, IOS...) and software have weaknesses that cybercriminals can exploit.
Make sure that all security updates are installed automatically whenever possible on your computers, smartphones and connected objects. Otherwise, you'll have to manually download and install the available security patches yourself, something we often forget to do.
Use only the official websites of software publishers
Think before you click
Analyze incoming e-mails before clicking on links or opening attachments.
Avoid dubious or illegal websites.
If you download files from dubious websites, you run a high risk of installing illegal or infected programs containing viruses or Trojans on your PC. Malicious parties could then take remote control of your computer, steal your personal data, encrypt your computer...
Phishing campaigns, whose e-mails and fake websites follow the graphic charters of major retailers, regularly target Internet users.
Some of these campaigns, for example, entice you to log into your customer area by informing you of an order that has just been placed, and tell you that all you have to do is authenticate yourself (on the fake site) to cancel this "order" for a large sum.
Report security incidents
Our security team provides this email address: security-alert@wifirst.com so that you can report incidents relating to our network.
Good to know: our teams will never ask you to access your computer via a remote control session. Never respond positively to such a request.