In this digital age, the internet has played a huge part of our lives. It has become something like what electricity used to be back then which a lot of people have become dependent on. Not only is the internet used for social media and entertainment, but it is also used for other fields like communication, online banking, private file storage, shopping, educational research, and the list goes on. Here I will be showing some tips in protecting your online privacy as well as keeping your online life secure.
When you sign up for an email or create a social media account, you will be always asked to create a password. This is probably what only allows you for accessing your personal information.
Tips in Complexity
Most modern websites would require passwords to be complex like having a capitalized letter or a number and special character included. While a bit tedious, it is still a good practice to keep your account safe.
It is also a good idea use a passphrase. As the name suggests, it is a password that is a combination of 4 or more random words. This makes passwords easier to memorize while at the same time harder for programs to guess your password.
Note that though when using a passphrase make sure you use random words and not known quotes or catchphrases. To add complexity you can even change the separator from space to something else. Here is a good website to learn more about passphrases. A passphrase is also used in cryptocurrency wallets like Metamask as a key (also known as seed phrase) to access and recover cryptocurrency wallets.
Use a Password Manager
An alternate title of this might also be, ‘don’t use the same password in all of your accounts’. Even if you have applied some of the tips in making your password complex, using the same passwords to all accounts is not a very good idea. Rather than writing down your passwords, you can store them in a password manager. These types of software allow you to store passwords for all of your accounts without needing to memorize 1 master password. There are a lot of password managers. Some of these allow you to store passwords in the cloud that can be accessed on your other devices. I prefer the ones that allow local installation as I can store a backup copy of the password database. But this is just my personal preference and it would still depend on how you want to store your passwords.
Gone are the days when we only need to use a computer just to surf the web. Now we can access online even just on a smartphone and the internet has become available more with Wi-Fi and data providers.
Keeping your browsing private
When connecting to a public Wi-Fi, like in a coffee shop, there is no guarantee that these providers won’t look into your data usage. In some cases, some attackers would even make fake public hotspots just to bait someone looking for public internet access (For this case though you should only use trusted hotspots like what is posted by the establishment). But even if you connect to a legit connection of your internet cafe, you are still exposing your data. There are also doubts on whether an internet provider can be trusted if whether they steal your information.
Most websites use HTTPS or Hypertext Transfer Protocol Secure. This adds a layer of encryption to your browsing data. Modern browsers might even indicate a message if the website is initially secure. With that, you are ensured that your activities from the site are encrypted.
While HTTPS is useful you should not solely rely on these. For an additional layer of security, you can also use a Virtual Private Network (VPN). A lot of VPN providers offer encryption as well as masking your IP address. This adds more privacy to your online activities. I strongly suggest before subscribing to a VPN is to check the reviews first since you are connecting to another network where your data would pass through so better pick a trustworthy provider.
These are probably your last line of defense when somebody attempts to access your account. This is important as allows you to identify if somebody is accessing your online account. Two-factor authentication(2FA) is a system of logging in where you have an additional step of verifying that you are logging to the account. Verification might involve a voice call, an SMS message, or an email. While it gives you extra steps in logging in, it is also good especially for important accounts like online banks. Other websites also have some mechanisms that even if you don’t have 2FA enabled, a notification will be sent to you. It’s still a good practice to enable this feature if it is available for very important activities.
Phishing websites and Malicious Content
Phishing websites always try to imitate any legit websites. It could be your local bank website, or the Apple store, or any possible websites that involve payment. You might encounter these through emails as a malicious sender would pretend to be your bank then send a link that would ask you to update your password or credit card information. Hovering to the link would reveal a different address that doesn’t correspond to the legitimate website. When legit websites would ask their users to update their passwords it is usually done during login and not through an email notification.
While browsers and antiviruses have gotten better, it is still strongly advised not to click suspicious links as they might still do harm to you such as tracking you or perform some actions such as Cross Site Request Forgery.
In conclusion, these are all just suggestions to keep your online life secure. If they sound a bit overkill but trust me it’s no joke to be attacked online. It’s always good to take some preventive steps especially when you deal with activities like payments and online banking. In addition, you might want to check this website, “Have I been pwned”. Not all websites are perfect and some popular websites like Dropbox or Tumblr still suffer from data breaches. You can also use this tool as an indicator if you need to update your passwords. That’s why it’s always a good idea to use a password manager.