Cyber Security for Second Life
Here are some guidelines and recommendations to help keep your computer and your information safe.
General
Ensure all of your programs and your operating system are up to date with the latest patches
Ensure that your anti-virus and anti-spyware programs are up to date with the latest signature file
If you are not behind a corporate firewall, ensure that you have a software based firewall on your desktop/laptop
Do not click on any links or open any attachments that you receive in emails that you are not expecting
If you click on a link from a trusted friend, make sure it goes to the website address that you are expecting
If you use Firefox as a Browser, consider installing the "No Script" plugin
Passwords
Make passwords different on each account that you have
Make passwords as long as you can - Second Life allows up to 16-character passwords (without spaces), so your password should be 16 characters
Make your password random, using a mix of letters, numbers, and symbols, without using any real words or a sequence of numbers
Consider using a password manager system like KeePass or LastPass to create and store random passwords for you
Don't use the same password on different websites
Don't change your password unless you suspect it is compromised or you discover that it is weak ("do it right, do it once")
Don't enter your username and password into websites that you reached by clicking a link in an email or a Second Life IM
Don't download software from website links given to you by random strangers
Don't EVER share your password with anyone!
Articles about passwords
2011 cartoon about password strength (from xkcd)
Password strength article (Wikipedia)
Password strength and security article (Second Life forum)
The Guy Who Invented Those Annoying Password Rules Now Regrets Wasting Your Time (Gizmodo)
Password strength tests
How secure is my password? (educational website sponsored by a password manager program)
Password strength calculator (sponsored by another password manager program)
Password strength checker (Microsoft)
Password strength meter (sponsored by a password management service)
Password strength test (includes random password generators)
The Password Meter (password strength checker)
Discussion
As the xkcd cartoon says, "Through 20 years of effort, we've successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess." The old-time picture of a computer hacker was someone who knew you and kept trying passwords that were related to you - your birthday, your pet's name, your home town. The modern hacker uses a computer program that guesses 1000 passwords per second, first using words from the dictionary. So modern passwords need to be long and random, using upper and lowercase letters along with numbers and symbols, without using recognizable words or number sequences.
Here's what happens if your password is too easy.