How to protect my account against phishing

Owned by Pavel Břoušek
Last updated: Jan 22, 2024 by Přemysl Kala
1 min read

 

The most effective protection against phishing is Multi-factor authentication. But if you want to try to detect phishing even sooner, you may also set up a security text.

Some instances of ProxyIdP allow you to choose a short text which will be shown to you on the login page before entering your password.

 

This will only happen if you sign in repeatedly from the same device, in the same web browser, in a non-anonymous window, without clearing cookies between logins, and the “remember me” checkbox needs to be checked on the first login.

 

In the user profile, choose a unique text that you will recognize, but an attacker cannot guess it based on public information about you. You may enter your own text, get inspiration from an external source (e.g. emojipedia.com), or let the app generate text/emojis for you.

obrazek-20240116-004049.png

When you see your personal security text on the login page, the chance that it is a genuine login page is much higher.

Please note that this security measure is quite easy to circumvent by a skilled attacker, so we highly recommend also enabling Multi-factor authentication.

Support: perun@cesnet.cz