Digital security can be filled with unfamiliar jargon. This glossary provides clear, approachable definitions to help you understand the terms you'll encounter throughout your digital governance journey.
Authentication
The process of verifying your identity when accessing an account or system. Common methods include passwords, biometrics, and security keys.
Biometrics
Physical characteristics used for identification, such as fingerprints, facial recognition, or iris scans. Used as an authentication factor.
Brute Force Attack
A method of cracking passwords by systematically trying every possible combination of characters until the correct one is found.
Cache
Temporary storage of web data (pages, images) on your device or by search engines. Cached content can persist even after the original is deleted.
Credit Freeze
A security measure that restricts access to your credit report, making it harder for identity thieves to open accounts in your name.
Data Breach
An incident where sensitive, protected, or confidential data is accessed, disclosed, or stolen by an unauthorized party.
Data Minimization
The practice of collecting, storing, and sharing only the minimum amount of personal data necessary for a specific purpose.
Digital Estate
The collection of all your digital assets, accounts, and online presence that may need to be managed after your death or incapacitation.
Digital Footprint
The trail of data you leave behind when using the internet, including websites visited, posts made, and information shared.
Encryption
The process of converting data into a coded format that can only be read by someone with the correct decryption key.
End-to-End Encryption (E2EE)
A communication method where only the sender and recipient can read messages. The service provider cannot access the content.
Firewall
A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Fraud Alert
A notice placed on your credit report that warns creditors to verify your identity before extending credit, helping prevent identity theft.
HTTPS
Hypertext Transfer Protocol Secure — an encrypted version of HTTP that provides secure communication between your browser and a website.
Identity Theft
The fraudulent acquisition and use of someone's personal identifying information, typically for financial gain.
Legacy Contact
A person designated to manage aspects of your online accounts after your death, available on some platforms.
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. Includes viruses, ransomware, and spyware.
Multi-Factor Authentication (MFA)
A security method requiring two or more verification factors to access an account — something you know, something you have, or something you are.
Passkey
A modern authentication method that uses cryptographic keys stored on your device instead of passwords, providing stronger security with less friction.
Password Manager
Software that securely stores and manages your passwords, allowing you to use strong, unique passwords for every account without memorizing them.
Phishing
A social engineering attack that uses deceptive messages (email, text, or calls) to trick you into revealing personal information or clicking malicious links.
Privacy Policy
A statement explaining how an organization collects, uses, stores, and shares your personal data.
Ransomware
A type of malware that encrypts your files and demands payment (ransom) for the decryption key to restore access.
Right to Be Forgotten
A legal concept giving individuals the right to request removal of their personal data from internet searches and databases under certain conditions.
Two-Factor Authentication (2FA)
A specific type of MFA that requires exactly two verification factors, commonly a password plus a code from your phone.
VPN (Virtual Private Network)
A service that encrypts your internet traffic and routes it through a server in another location, providing privacy and masking your IP address.
Zero-Day Vulnerability
A software security flaw that is unknown to the vendor and has no available fix, making it particularly dangerous if exploited.
Social Engineering
Psychological manipulation techniques used to trick people into revealing confidential information or taking actions that compromise security.