Pinterest Stumbleupon Whatsapp
Advertisement

Ex Intel CEO, Andy Grove once said, “Only the paranoid survive”. When it comes to being online, he’s absolutely right. Everything you do online nowadays should be approached with a healthy amount of cynicism.

Installing a free anti-virus program The 10 Best Free Anti-Virus Programs The 10 Best Free Anti-Virus Programs You must know by now: you need antivirus protection. Macs, Windows and Linux PCs all need it. You really have no excuse. So grab one of these ten and start protecting your computer! Read More and forgetting about security simply doesn’t cut the mustard. So in this article, we’re going to look at some of the simple steps you can take to secure your entire online life.

Use Two-Factor Everywhere (Especially With Email)

Two-factor authentication What Is Two-Factor Authentication, And Why You Should Use It What Is Two-Factor Authentication, And Why You Should Use It Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card,... Read More is a quick and simple way of securing many of the tools that you use online. It basically uses something you know, like your password, and something you have, like your phone, to generate a code before you are able to log in.

Your email address is the skeleton key to all of your online services. If an attacker gets in to your emails, it’s all over as attackers can quickly generate password reset links to get in to all of your other accounts.

facebook password reset

By enabling two-factor on your email account, you add the extra layer of security to prevent attackers from getting in. So unless they have your phone and your user account details, they’re very unlikely to get in.

All of the main email providers like Gmail, Outlook and Yahoo! will allow you to use two-factor. If you’re a Gmail user, there are also some extra security measures you can take How to Secure Your Gmail Account in 3 Easy Steps How to Secure Your Gmail Account in 3 Easy Steps For many of us, getting our Gmail accounts hacked would be the end of the world. Don't let that happen! All it takes it three easy steps to keep your account secure. Read More .

gmail two factor

There are many other services that off two-factor Which Services Offer Two-Factor Authentication? Which Services Offer Two-Factor Authentication? Not long ago, Tina told you all about two-factor authentication, how it works, and why you should use it. In a nutshell, two-factor authentication (2FA), or two-step verification as it’s sometimes called, is an additional... Read More , not just email. So enabling it for as many of the services that you use as possible will bolster you security. At first it may be frustrating to get to grips with, but you soon get used to it.

Encrypt Your Device

Encryption will ensure that if your device goes missing, the data stored on it is safe and secure. Windows, Mac, Linux, Android and iOS all offer free encryption options, so there really isn’t any excuse for not encrypting.

bitlocker encyption

For Windows and Mac, it’s BitLocker Free Military-Grade Privacy For Your Files: How Bitlocker Works [Windows] Free Military-Grade Privacy For Your Files: How Bitlocker Works [Windows] Ever heard that quote about trying to explain how a television works to an ant? I'm not calling you an ant, even though you are hard-working and enjoy the occasional sip of aphid milk. What... Read More  and FileVault What Is Mac OS X FileVault & How Do I Use It? What Is Mac OS X FileVault & How Do I Use It? Only by manually encrypting the files on your hard drive can you truly keep your files safe. That's where the Mac OS X FileVault comes in. Read More , respectively. For Linux, you simply need to check the box “encrypt home partition” during the installation process.

When it comes to mobile devices, iOS is encrypted by default, as are many modern Android devices. However, if you have an Android device that isn’t encrypted by default, it can be easily turned on How To Encrypt Data on Your Smartphone How To Encrypt Data on Your Smartphone With the Prism-Verizon scandal, what allegedly has been happening is that the United States of America's National Security Agency (NSA) has been data mining. That is, they have been going through the call records of... Read More .

Protect Your Lock Screen

These days, many smartphones and tablets come with fingerprint recognition for unlocking your device. It’s obviously more secure than having nothing at all, but a PIN on your lock screen is better than using fingerprint recognition. “Why?” I hear you yell.

It’s simple really. The fifth amendment has a safeguard in place to prevent self-incrimination. If a government body were to ask you to unlock your device, you could forget your PIN, but you can’t change your fingerprint.

So with a court order, you could be forced to unlock your device. With a PIN, its not so simple. Not to mention, having a protected lock screen can stop the opportunist from getting at your phone.

pin table

When setting a PIN, be sure to use something that isn’t obvious. Data Genetics did a recent survey on PIN codes, and the table above shows the 20 most common of the 7 million sampled.

Most of the PIN codes in the table above follow some kind of pattern. Us humans love patterns, so if you stick to a PIN that doesn’t have an obvious pattern, then it’s less likely to be guessed.

Encrypt Your Text Messages

Services like Whatsapp now encrypt by default Why WhatsApp's End-to-End Encryption Is a Big Deal Why WhatsApp's End-to-End Encryption Is a Big Deal WhatsApp recently announced that they would be enabling end-to-end encryption in their service. But what does this mean for you? Here's what you need to know about WhatsApp encryption. Read More . This is great because it stops anyone from spying on your private conversations. However, it doesn’t support standard text messaging and the recipient needs to be using Whatsapp as well.

whatsapp encryption

There are alternatives to Whatsapp that allow for end-to-end encryption, such as Telegram Telegram Provides A Secure & Fast-Growing Alternative To WhatsApp Telegram Provides A Secure & Fast-Growing Alternative To WhatsApp Read More and Signal. All these tools also allow you to make encrypted calls, so can be a lot more secure than traditional calls or text messages.

Edward Snowden himself actually recommends Signal.

The vast majority of people nowadays do have Whatsapp on their phone, as it’s more secure and has more functionality than a simple text message. So even though it’s a requirement for your friends to have the app as well, it’s not really an issue any more.

If you don’t have Whatsapp on your device, I urge you to start using it ASAP. It’s free, after all.

Search in Private

Many people know that Google is a privacy black hole Five Things Google Probably Knows About You Five Things Google Probably Knows About You Read More , yet it’s still the site that most people turn to when they have a question about pretty much anything.

But there are alternative search engines out there that don’t store information about you. So you get the answers to your questions, and your privacy remains in tact. The biggest of these privacy aware search engines is DuckDuckGo 8 Search Tricks That Work on DuckDuckGo but Not on Google 8 Search Tricks That Work on DuckDuckGo but Not on Google Google Search is king. But DuckDuckGo has earned a loyal fan following. It has a few unusual features that even Google doesn't have. Read More .

duckduckgo

The DuckDuckGo privacy policy is very simple. The first line reads: “DuckDuckGo does not collect or share personal information.” So you can search on DuckDuckGo safe in the knowledge that your personal data is not being harvested.

Get a Password Manager

Having the most secure password in the world doesn’t mean anything if it’s the same for every site you use. If one of your accounts gets compromised, then all of your accounts are effectively compromised along with it.

The solution is a password manager, like LastPass Master Your Passwords For Good With Lastpass' Security Challenge Master Your Passwords For Good With Lastpass' Security Challenge We spend so much time online, with so many accounts, that remembering passwords can be really tough. Concerned about the risks? Find out how to use LastPass' Security Challenge to improve your security hygiene. Read More . A password manager will allow you to generate random passwords and will automatically log you in to sites you have stored.

lastpass generator

This means that you only need to remember to main password for your manager, and it will do all the hard word for you. Just don’t forget to enable two-factor authentication on your password manager!

Use Tor (Not Incognito)

Incognito mode, or private browsing if you don’t use Chrome, allows you to surf the web anonymously, and no one can see what you have been up to. It’s great, right? Wrong!

If you’re using incognito mode on your machine, your internet service provider, network administrators and the makers of your browser can still see what you have been looking at online.

It’s a common misconception that incognito mode is private. It isn’t, it just doesn’t save any history to the local machine. If you want a way to browse the internet more privately, take a look at Tor TOR For Newbies: When Should You Use It? TOR For Newbies: When Should You Use It? Savvy users should already know whether using TOR is right for their needs, but what about the newbies out there? Read More .

On the desktop, it’s as simple as downloading and installing the Tor Browser (which is based on Firefox, so should be familiar to most).

tor android

If you’re on a mobile device, you can still use Tor to browse the internet. There are apps like Orbot for Android How to Browse the Web Anonymously On Your Android Smartphone How to Browse the Web Anonymously On Your Android Smartphone When you access a website on your smartphone, your cellular carrier, network operator, and government all know you accessed that website. Tor allows you to browse anonymously and bypass web censorship on your desktop. Orbot... Read More  and VPN Browser for iOS.

Tor isn’t 100% secure. Nothing is. But if you want truly private browsing, Tor is the closest that most people will get.

This Is How You Stay Secure

It’s important to remember that it is impossible to remain 100% secure whilst online. Attackers will always find a way in, given enough time.

These tips will make a would-be attacker’s life very difficult, but that doesn’t mean you should ever let your guard down. Remember, only the paranoid survive!

Do you have any other tips for staying secure online? If so, feel free to share them below.

Image Credit: LeoWolfert via Shutterstock.com

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. ReadandShare
    December 28, 2016 at 6:29 am

    Article states, "Windows, Mac, Linux, Android and iOS all offer free encryption options, so there really isn’t any excuse for not encrypting...For Windows and Mac, it’s BitLocker and FileVault, respectively."

    Windows versions that include BitLocker are NOT free.

    • Kev Quirk
      December 28, 2016 at 10:15 am

      All versions of Windows 10 come with device encryption out of the box. This is bundled in with the cost of the OS.

  2. PD
    December 28, 2016 at 6:08 am

    Firefox's Private Window uses Tor by default. You failed to mention that.

    Password managers are a very debatable option. Simplification where the user only needs to remember one password also minifies the hacker's target yet enables maximum results. Also, how do they work with 2FA? Password managers that store that one critical password on an internet-connected device (in 'the cloud') are also exposing users to masses of hacking attempts that have succeeded: https://blog.lastpass.com/2015/06/lastpass-security-notice.html/

    Surely you could have mentioned more password manager services than one, the one that was hacked?

    Is DuckDuckGo still repurposing Bing / Yahoo results without tracking whilst adding some of it's own features? It needs to be acknowledged that whilst DDG may be less invasive of our privacy, a very admirable feature, it's results may make life harder. Also, tracking is more a privacy than a security feature, is it not?

    • Kev Quirk
      December 28, 2016 at 10:58 am

      Please can you link to some Mozilla documentation about them using Tor for private browsing as I'm not aware of this? To my knowledge, they have an anti-tracking feature which can be turned on or off, but this is far from Tor.

      LastPass have been hacked, but the way that they encrypt, hash and salt the data prior to being transmitted means that even if hackers get user data (which they never have, it's only ever been auth hashes), it will be pretty much impossible to crack. Respected security professionals have gone on the record to say that they have never been concerned with any of the hacks that LastPass have received.

      Here is an interesting article about how LastPass secures user data. It's worth being familiar with this information in order to understand how difficult it would be to get user data in clear text. https://lastpass.com/support.php?cmd=showfaq&id=6926

      These tips shouldn't be used in isolation, they should be used in conjunction. So continuing with the LastPass example, yes you have a single password that accesses everything else, but with 2FA also enabled, this is now far more secure. More so if you use something like a Yubikey.

      By the way, most people who don't use a password manager have approximately 3-4 password iterations that they use, and they only differ by one character in most cases.

      • PD
        December 28, 2016 at 1:04 pm

        Well colour me embarrassed and regretful. I swear I saw a release note or something about Mozilla doing the sensible thing, allbeit eons after Snowden, and making - at least - Private Browsing mode TOR by default. Gee Mozilla doesn't have a clue how to value-add and differentiate Firefox anymore. Must have been this article:

        http://www.ghacks.net/2016/07/04/tor-privacy-settings-coming-to-firefox/

        and the Private Browsing hardening (preferences off FFS) work here:

        https://wiki.mozilla.org/Security/Tor_Uplift/Tracking
        https://bugzilla.mozilla.org/show_bug.cgi?id=1260929

        that I was confused by. It's so bleeding hard to keep up with what Mozilla is, or more to the point is not, doing since they adopted the idiotic periodic release approach along with no less than 4 release versions!

        I agree there's degrees of security and nothing is ever 'secure'. and your article shouldn't be used in isolation, though it didn't exactly say so! In addition, I'd add that the word, or finite context of the word "secure" should NEVER EVER be used in any such article. You got the heading right by using "more secure" but the last h2 heading "stay secure" is dubious. Perhaps "improve your online security" ?

        In addition Kev, surely it's better journalistic practice to avoid generalizations? If you want to refer to "Respected security professionals", perhaps do so with ... references :) Again there's room there for nuance. Bruce Schneier recommends password managers but not the type that link wit browsers and pre-fil them as these are apparently too easy to hack.

        https://www.schneier.com/blog/archives/2014/09/security_of_pas.html

        He has written his own that relies on user's doing a simple copy/paste.

        It's interesting as well that your Yubikey mention only made the comments, not the article. Why is that? Perhaps you felt Yubikey is too complex for the average user? Yet my Mum uses a similar concept supplied by her bank and has done for years. In addition, whilst it is not exactly established, it appears that the next industry attempt to solve the security issue will be what arguably should have happened in year dot: people get a physical key with a digital key (certificate) on it, plug it into their computer, and that secondarily establishes their identity and authentication. They call it Universal Second Factor.

        http://arstechnica.com/security/2016/12/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers/

        It's a suitably stupidly vague and convoluted name for a simple concept: give users a key ... well, who would've thought people could relate to a bloody key ... you know, those things we all carry around all day every day? Yeah yeah, some smart arses will come out and claim we should be implenting it flipping wirelessly on our 'smart' phones and over complicate the whole idea. But hopefully the standard will penetrate anyway ... if bloody laggards like Mozilla would pull their fingers out and implement it. Gawd how they've butchered their own product/market share/organiation ever since the threat of Chrome appeared. Brings tears to my eyes.

  3. Zhong
    December 27, 2016 at 11:33 pm

    I would also try to use an authentication app instead of SMS to your phone.

    • Kev Quirk
      December 28, 2016 at 10:14 am

      Yes, I prefer to use an app rather than text messaging.

      • Zhong
        December 28, 2016 at 2:33 pm

        What are you thoughts on using a physical key as your login credentials? Some machines have special hardware that can use your finger prints or facial memory to login.