Protecting yourself online: A beginner’s guide to security do’s and don’ts

Written by Emma Flickinger

Don’t use the same password for everything, or autosave your passwords in your browser

If you use the same password for every login, and someone gets access to that single password (whether via hacking, a data breach, or just looking over your shoulder) they will have access to all your accounts, from Netflix to email to banking.

The same thing can happen when you let Google Chrome “remember” your passwords. Anyone on a computer, tablet, or phone logged into your account (or anyone with your Google password!) can look through them by entering chrome://settings/passwords into the browser bar.

Don’t trust private mode to keep you anonymous

Most browsers have a “private mode” (Incognito Mode in Chrome) that won’t store the websites you visit in your browser history. However, this mode only impacts your end. It doesn’t affect the sites you visit, and it doesn’t make you anonymous.

Your online activity can still be identified with your IP address — the number that identifies your computer when you’re connected to a network. Because your IP address is what allows your computer to connect to websites on the Internet, it is visible to every site you visit, even in private mode. (Also, research has shown that contrary to what they promise, private browsing modes often do retain evidence of what you were browsing).

Don’t download apps that request suspicious permissions

Have you ever been faced with the permissions for a seemingly straightforward free app and wondered “Why do they need access to that?” Contacts, camera, text messages — if it isn’t obvious and if the app doesn’t explain why it needs to use these things, it might be because the app is a vehicle for gathering and selling your data.

Do use a secure password manager

Not entrusting your passwords to your browser doesn’t mean you have to remember them all. A surprisingly secure alternative? Writing them down with unhackable pen and paper.

But a note sheet or password journal is easily lost — and there is a safe, reliable technological solution. A secure password manager is an application or extension that can autofill your passwords much like a browser would, with much more security (thanks to encryption). Most password managers can also replace your weak passwords with stronger ones. Don’t want to invest? There are several free options on the market!

Do regularly check your privacy settings on all platforms

Always be aware of how much you’re sharing online, and who you’re giving permission to access information about you. Most websites update their policies from time to time, so it’s good to check on your privacy settings regularly, for each site you have an account. Read carefully — social media sites in particular often use sneaky wording to obscure the difference between what you “share” on the site with other users, and what data about you and your browsing habits you’re granting the site permission to view.

Do back up your files regularly and keep software updated

Outdated software can be vulnerable. Making sure your software and apps are updated to the latest version helps protect you from vulnerabilities that could be exploited by hackers or malware. If your computer does get a virus, having a backup copy of everything ensures the damage is minimal.

Do look into privacy/security software

A VPN, or virtual private network, is a more secure way to access the Internet. A VPN creates a secure connection by encrypting your data in a process called “tunneling,” where data sent from your computer to the network is placed within another packet of data — like putting a document into an envelope so that the contents can’t be read. A VPN can hide the sites you visit from the local network you’re connected to, whether it’s your Internet service provider at home or an unsecured public Wi-fi connection in a coffee shop.

VPNs can conceal your activity from Internet providers because they hide your IP address, but they don’t protect you from other kinds of online tracking. VPNs protect your data when it’s “en route” on your Internet connection, but not at either end — so if a website sends a cookie to your computer, it will still be delivered. A website will commonly use cookies to track your activity when you’re on the site, but it also might have third-party trackers connecting you to a different site (like a button that lets you share the article directly to social media).

Most individual websites might not be tracking your every move, but if multiple websites use the same third-party trackers, the sites that own the trackers can build up a detailed picture of your browsing habits. These sites can do what they want with this information, including selling it to advertisers. Tracker-blocking software like Redmorph lets you see what sites might be gathering data and block them from following you around the Internet.

Because there isn’t a single piece of software that will protect you from all angles, it’s important to be aware of each area your data might be at risk, and to evaluate software to make sure it’s a good fit for you and your browsing habits. You might have to do a little research, but after a while, it’ll be hard to imagine using the Internet any other way.