Reports of hacking have been in the daily news cycle every single day for months with no signs of slowing down or stopping. Outside of interference in the US Elections, of which we will probably never hear the end, there have also been so many data breaches we are reaching the point where new ones barely even register in the headlines.
Even if you’re not a high ranking government official or a high flying CEO, that doesn’t mean you’re not a target or that you don’t have anything worth stealing. At the very least you have a bank account and a credit score you would prefer doesn’t get ruined, right?
Think of your online security like having a lock on the door to your house. If you left your house unlocked, maybe no one even tries to turn the knob, but wouldn’t you prefer taking the minimal amount of time to install even the most basic of locks? To get a sense of what private information of yours might already be floating around out there, I suggest checking out this New York Times interactive feature. You can also check out Have I Been Pwned and search information specific to your account names or email addresses.
This article is by no means exhaustive, but attempts to lay out some of the more basic steps you can take to protect your own privacy online. There’s far more you can do, but if you don’t at least take this basic precautions, there’s no point in getting into anything more complex.
At a high level, you should start by doing four easy things:
- Enable two-factor authentication
- Use a password manager
- Encrypt as much of your data as possible
- Change your web browsing habits.
Each one is actually very simple and explained in more detail below.
Enabling two-factor authentication
Just having a password on your more critical accounts (email, banking, etc) is no longer enough. Services like Gmail and many others allow you to add a second password of sorts that is a randomly generated set of numbers. These numbers can either be texted to you (g00d) or generated from a second app (better) like Authy.
Using a password manager
In the event of a data breach, a nine character long password could be cracked by the laptop I’m writing this on in just five days (more or less). Just imagine what someone with a really powerful custom setup could do. Reusing passwords is also incredibly dangerous, once an email/password combination has been found, it can be tried everyone else on the internet really quickly.
Instead of remembering a bunch of different passwords, you should use a password manager (1Password, LastPass or Dashlane) to automatically generate and manage nice long complex passwords for all of your accounts. The password manager itself is safer because you’ll store it locally on your own machine and put one really long password of passphrase on it.
Encrypting your data
Set it and forget it, there’s no excuse not to do this one as it only takes a few clicks to enable in most cases.
Changing your web browsing habits
I’ll admit this one is a bit more complicated, but it’s still pretty easy to remember a few simple takeaways.
- Cover your cameras, even Mark Zuckerberg and the FBI Director do it. You can buy a five pack of covers on Amazon for less than $10.
- Use the the HTTPS Everywhere browser extension to encrypt more of your web traffic by default.
- If you’re doing something sensitive like banking, really try to close all other open tabs.
- If you absolutely must log into an account on another computer, at least use incognito mode.
- Use a VPN, especially on public wifi networks. TunnelBear’s free package is pretty great and really easy to setup.
This really only touches the surface of this topic, since this is meant to be a basic getting started guide for the less tech savvy. Hopefully it’s not an overwhelming amount of information.
As a bonus, if I know you in real life, I’ll help you set all of this up on your own devices for free. Just let me know when.