9 things you're doing that make you the perfect target for a hacker

When it comes to securing online devices, people get lazy. Quite often people choose the easiest, most uniform passwords. Every year SplashData releases a list of the most common stolen passwords, and the results are embarrassing. For instance, the number one most used password, according to breached files posted online, is "123456." Coming in at number two is "password." People should choose more advanced passwords. Put a number in there, why not add a punctuation mark or two. And while you’re at it, don’t make it a common word or something obviously associated with you. Hackers are looking for people with easy passwords and pounce every time they find one.

But even the most advanced passwords can be guessed or stolen. When this happens, it’s best to have a safeguard. Two-step authentication makes gaining unwanted authorization into private accounts much harder, as it requires the user to verify their identity twice. For instance, if you enter your password you’ll be directed to another page to enter a code that was sent to your cellphone. This is a pretty easy step, and provides a lot of protection.

While accessing the internet on coffeeshop wi-fi may seem convenient, it also opens you up to a slew of potential hacks. For instance, security firm Cylance discovered a huge vulnerability in the routers of some of the largest hotel chains. This vulnerability potentially gave hackers unfettered access to users' web surfing. Additionally, free public Wi-Fi was just proven to be an essential tool to launch large-scale DDoS attacks. A security professional once told me that he never checked private accounts like bank and work data using hotel Wi-Fi. If you are, it could be getting you in hot water.

It happens all the time: You see something you want to buy, you click the checkout button, it asks for your credit card information, and you complete the transaction. But there’s one important step you may not have looked out for: Whether the page is secure and using the HTTPS protocol. It’s easy to check — just make sure there’s a green lock symbol to the left of the URL. If there isn’t, it’s easy for hackers to snoop on where you’re surfing as well as intercept the data you were trying to transmit.

This may sound very specific, but it’s actually something everyone should look out for. If someone is turning to a place like eBay or other auction-like online sites, seller feedback is of the utmost importance. Be wary of good deals from these sites, as they quite often turn out to be scams.

One of the most common ways hackers gain unwarranted entry into people’s accounts is by social engineering. This is a way of getting unsuspecting users to do the hacking work for the hackers. Instead of writing a lengthy code that will break into a walled-off network, some scammers merely send off an email with an attachment containing a malicious file. These attachments quite often appear as innocuous files, like pdfs, but in reality they are dangerous executable files. And once the file is on your computer, there's no telling what havoc it can wreak.

Similar to opening a bad attachment, people fall prey to phishing campaigns. This is when a message leads a user to a website that mimics a trusted source, but in reality isn’t. Quite often people get emails asking them to change their account password, and links to a page asking for precious credentials. This is one of the easiest ways hackers get your information, and it could have been stopped just by checking the source of the link.

As annoying as it may seem, having the same password — or similar passwords — for all of your accounts is simply unsafe. If this password becomes public, hackers can gain entry into all of your personal services. The only way to make sure this doesn’t happen is to have a unique password for every individual website you’re a part of. There are apps like 1Password and LastPass which can help you create and manage multiple unique passwords.

Hacking is a sad reality, and more often than not it's caused by human error. When it does happen, this doesn't mean you should beat yourself up. It means that you should be prepared for what's going to happen.

For example, it's important to know how to swiftly change all your passwords, make sure all your finances are kosher, and perform a thorough audit of all your digital accounts. Here's a great rundown from Wired about what to do after learning you were hacked.

Defenders of the web: The people behind 7 influential security companies