Skip to main content
Apply Library A-Z Find a person Maps
Brightspace Email
University
of Victoria
Apply Library A-Z Find a person Maps
Sign in Online tools Sign out
Alumni

Cyber security expert offers life hacks

April 19, 2023

Man in suit and tie smiling.

UVic double grad Nav Bassi shares his dos and don'ts when it comes protecting yourself online. 

  • Name: Nav Bassi

  • Expert in: Cyber security and new technology.

  • Current job: Principal, Product Strategist, Workday, Inc. Former Senior Director & Chief Information Security Officer at the University of Victoria and  Instructor with UVic’s Division of Continuing Studies.

  • UVic degrees: BSc in Computer Science, ’05; MBA ’10

What is the biggest mistake most people make when it comes to their personal cyber security?

The biggest mistake is not taking basic steps to protect login information: Choose long, unique passphrases and keep them safe from prying eyes. If I have your login, I am—for all intents and purposes—you, and can do everything you can do. If you have the option to enable multi-factor authentication, do it.

You speak about the importance of a unique passphrase, not password. Can you explain the difference and why it’s important?

A password is just a single word. They can be difficult for us to remember, but easy for a computer program to guess quickly, for example: PassWord2022!  A passphrase is a sentence, with spaces and punctuation, that we can remember but will take a long time for a computer program to guess, for example: What if 1 person had a special Trans Am in 1985?

Does everyone need a password manager? Why?

Everyone needs a system for creating and securely remembering unique passphrases, otherwise we’ll be tempted to create easy ones or reuse them. Passphrase managers can help us by generating good passphrases, storing them securely, and making it easy to access them when needed. Some modern passphrase managers can even tell you when a service has had a security breach and advise you to change your passphrase.

One thing you’d like everyone out there to know, or stop doing:

Attackers rely on rushing you into making a mistake; pause and verify before clicking on that link or providing that information. This could be as simple as discussing with a friend whether something seems legitimate.

Have you ever been caught in a digital scam? Or come close?

Once I had a voicemail claiming to be from the RCMP with a phone number to call them back. I actually began dialing the number before I caught myself, slowed down, and thought it through. Checking their website confirmed it wasn’t legitimate, and Googling the number revealed many others had received similar calls.

Jenny Manzer, BA ’97