Makerere University

Enter a keyword or two into the search box above and click search..

Why Logging Out Of Critical Websites/Social Sites is Important?

You are here

Home

By Arthur Moses Opio

Data is the New Oil, with this age of big data, hackers are always doing whatever it takes to steal information to the gate way/entry point to systems.

90% of work is done online and we are either researching or logging into different websites we have subscribed to or social sites like Facebook, Twitter, Instagram etc. to interact and follow up on different updates. We do also log onto online banking sites, webmail, AIMS system like in our case here in  Makerere University etc. We also use cloud computing tools like Google DOCs, Dropbox etc. to done online work, run surveys etc.

Whenever someone is working online, if they choose to log out because they have to run for a meeting or chat with a friend or take a break for tea or lunch, they end up clicking the cross(X) to just close, this means that when you turn on their computer or still open the browser, their session is still active. It is even worse when people work using their smart phones or tabs and they are left lying on a table without any password protection to both the gadget and the APPS. Very few APPS provide authentication, one of the exceptions we can share is that of the NSSFGO APP that improved it's APP by allowing users to log in after opening the APP, you have to provide the pin.

The online session being active is a big security threat to you as an individual and to our very own network especially if someone lands on your password details for a particular system that is critical to your personal account or University systems.

TRACKING

Many websites today track your online activity and what they do use are called “COOKIES”, these are small pieces of data sent from a website and they are stored on the user’s computer by the user’s web browser while browsing online. Whenever you open a website or your smartphone or computer and it’s a new website, they will bring a note telling you that you should enable cookies(you can choose to enable or not). Cookies were designed to be a reliable mechanism for websites to remember stateful information e.g. what you added to your shopping cat or the last URL you visited. As much as these come to bring convenience they have turned out to be a hacker’s playground because with a click of a button, your history information can all be recovered this is even made worse by sites that always suggest that you store your password, this is like telling a thief we have put the key on top of the door and they are free to enter and pick whatever they want.

ALWAYS LOG OUT DON’T JUST CLOSE

Not logging out is like going to sleep in the night without locking the gate or the main or back door to your house.

You wouldn’t want someone to get in and drive away with your Mercedes or Toyota corona or stealing your high definition TV or even starches of cash that you would have kept in the drawer besides your bed.

By simply closing the browser, you're allowing anyone with access to your computer, legally or not, to open the browser and have instant access to your accounts on such sites, without entering any passwords or usernames.” – Aaron Adams

This means if fraud happened using your account, it is you who is liable, you are the one to answer.

As 2020 kicks and we settle, let cyber security be a high priority.

THINGS YOU CAN DO

  1. Enable Two Factor Authentication

For example, like in our AIMS system, whenever you are online and you happen to forget to log out that is after some time, the session expires even if you just closed, when you want to access the site it will allow you to input your password a fresh. If you forget your password, it asks for your phone number or secondary email address where the token(authentication method) is sent to enable you have access to your account. Make sure even for online banks, such security features are enabled

  1. Log out – If you log into sites like Facebook or other sites you subscribed too, if their sessions don’t expire always log out or check through their security settings to enable two factor authentication e.g. whenever you use a different website to access your account, Gmail
  2. Avoid using public or shared computers like in an Internet café, these are hotspots for capturing information especially if you don’t know what monitoring tools have been installed on them.
  3. If you share a computer don’t assume that because you know each other too well, the other person can’t snoop into your private data.
  4. Clear your browsing history and saved passwords from your browser. For different browsers, the link on this website can help you https://www.bu.edu/tech/services/cccs/desktop/software/troubleshooting/removing-password-from-browsers-saved-password-list/
  5. If you haven’t logged out of the browser, at least log out of the computer or lock it during those short breaks.
  6. Do not click remember password https://answers.mak.ac.ug/security/remember-password-never-click-prompt

 

Category: 
Security