The MUO Security Checklist: What You Need To Do Right Now To Be Safe

Security can be an overwhelming subject – there are so many potential problems we need to think about when securing our computers, our online accounts, and our wireless networks. This list should help simplify things – follow this checklist and you’ll be well on your way to staying safe on a dangerous Internet.

Many security problems are caused by other people, whether it’s a company releasing software with dangerous security holes or a website getting hacked and leaking our passwords. While we can’t stop these problems from occurring, we can reduce the danger.

Use a User Account With Limited Permissions

Using an administrator user account with no protection – as most people did on Windows XP – puts you at risk. To be secure, you should be using a user account with limited permissions. This prevents programs from modifying your system without prompting you. If you’re using Windows 7 (or even Windows Vista), ensure you have User Account Control enabled. UAC allows you to use your computer with an administrator account, but you’ll still be prompted when programs want administrator permissions.

To check your UAC settings, click the Start button, type UAC into the Start menu, press Enter, and ensure the slider is set somewhere above Never Notify.

If you’re using Windows XP, using a standard user account may be a good idea – but this is more difficult, as most software assumes it has administrator access on Windows XP. If you’re using Windows XP, you should probably upgrade soon anyway – security updates for Windows XP stop in April 2014.

Use Good Password Practices

Many people use weak, easy-to-guess passwords online. Even if they don’t, they’ll re-use strong passwords on multiple websites. Both are dangerous.

Choose strong passwords that aren’t just dictionary words – select ones that would be difficult for a cracker or computer program to guess. You should also use good security questions – if anyone can get into your account by knowing the high school you went to (a publicly available piece of information), that’s a problem. For help choosing good passwords and security questions, check out:

You should also be using a different password on each website. This is crucial. When a high-profile website becomes compromised – LinkedIn, Yahoo, Last.fm, and eHarmony have all had password leaks in the last year – crackers can look at the leaked list of email address/password combinations and try them on other websites. If you register for a website with your email address and use the same password you use for your email account, people can get into your email account easily. If you reuse the password on other websites, they can access those accounts, too. Using a unique password everywhere helps you limit the damage.

Store Your Passwords In A Password Manager

Remembering strong, unique passwords for every website can be difficult. That’s where a password manager comes in. We’ve talked about password management strategies before, and a password manager is one of the best. Some of the top password managers include LastPass, which encrypts your passwords and stores the encrypted file on LastPass’s servers, where you can access it from anywhere, and KeePass, which keeps an encrypted copy of your passwords on your computer – you’re responsible for backing it up, although you can synchronize it with Dropbox or another cloud storage service.

Set Up 2-Factor Authentication

If someone does get access to your password, two-factor authentication prevents them from accessing your account. With two-factor authentication, you’ll need more than just your password to log into a website – you’ll also need a special, time-sensitive key. These keys are often generated by a mobile app or sent to you via SMS. A variety of services support two-factor authentication, including Google, Facebook, Dropbox, LastPass, and Blizzard’s Battle.net.

Install Updates Frequently

You should be frequently installing updates for Windows and the other software on your computer, particularly web browsers and plug-ins like Flash and Java. While updates can be a hassle, they’re essential. The bad guys are constantly finding holes in software, which need to be plugged.

Setting Windows Update and the other software on your computer to automatically check for and install updates is an easy way to stay safe without thinking about it. To ensure Windows Update is set to automatically install updates, click Start, type Windows Update, and press Enter. Click the Change Settings link in the sidebar to view your update settings.

Use An Antivirus

An antivirus is an essential layer of protection. While you can try to stay safe by keeping your software updated, only visiting safe websites, and installing only trusted software, there’s always a chance something could slip through. A new security hole in your browser could be exploited, or a trusted website could have become compromised.

An antivirus program is another line of defense. You don’t have to pay anything for an antivirus – there are some great free options. If you have an antivirus installed, leave it on its default scanning settings, which will automatically scan everything in the background. Antivirus programs will generally perform regular, full-system scans, so you don’t have to worry about initiating any scans yourself.

Test Your Firewall

You should also be using a firewall – if you’re using a standard consumer router, it already effectively functions as a firewall. Even if you aren’t using a router, Windows comes with a firewall built in. To make sure your firewall is working properly, you can use the GRC Shields-Up test, which scans your IP address and detects if your firewall is blocking access to network ports.

Secure Your Wi-Fi

Securing your Wi-Fi network is particularly important. If you choose the wrong settings for your Wi-Fi network and leave it open to the public, you could have all sorts of problems – everything from people snooping on your web browsing activity to people using your Internet connection for illegal things that would be traced back to you.

Ensure you’re using encryption for your wireless network – you should have to enter a passphrase when you connect a new device to your network. You should also be using WPA or WPA2 as your encryption type – the older WEP encryption can be broken.

To change your encryption settings, navigate to your router’s web administration page (you’ll find instructions to access this page in your router’s manual) and look for the wireless security section.

Do you have any other security tips to share? Leave a comment and let us know what you do to stay safe online.

Image Credit: Tick Mark on a Green Lock via Shutterstock

33 Comments

Edwin Williams

I was surprised when my roommate didn’t use any encryption on our wifi. But we have security now!

Igor Rizvi?

In the instructions of my ISP (T-com) it states that for my wireless connection the settings for encryption should be on Wep only. Should I consider this a minimum security problem, or should I call them and check this out? Or can I just manually set it on Wep2???

Johann

Your ISP shouldn’t really care what you use on your wifi network as it doesn’t affect your connection to them so this is very much just their recommendation.

They are giving you bad advice here though, you should definitely be using WPA instead of WEP. WEP has been easily crackable for a number of years. Also, if your router has WPS (used to quickly set up wifi connections between devices) you should also turn that off if possible too.

Johann

On Firefox I recommend using ‘HTTPS Everywhere’ to force connections to use HTTPS on most major sites. Also if you don’t want to be tracked whilst online then I recommend DoNotTrack+ and Ghostery as well. It is important to block these ‘trackers’ as some of them can leak your credentials whilst dialing home with info – they’re therefore useful for more than just stopping your browsing habits being monitored.

NoScript is always good in principle but it breaks so many things I find it next to useless for an average user. The three I mention above have very low impact on general web use.

Igor Rizvi?

I use Adblock Plus and Do Not Track, and I find it highly effective. But why am I asking about WEP: because I often create a Wi-Fi connection so my gf can access the internet through her Android phone, or my brother through his laptop … so … should I swap it for WEP 2 and turn off WPS, is that what you are suggesting or?

Hhelibeb.Cnofne.2011

Securing your wifi with WEP is better than nothing of course. But it is not considered secure anymore as far as I remember.

WPA is the latest standard and supported in a lot of devices. If all your devices support it, I would suggest switching over to WPA. If they don’t support it … you can stick to WEP as it is better than switching it off – of course!! :-)

Chris Hoffman

It’s possible that your ISP’s instructions are out of date and are recommending WEP because WPA wasn’t around back then. But your ISP shouldn’t care what Wi-Fi encryption you use, and WPA is definitely better.

(I think WEP is the only setting that works with the Nintendo DS, so I used to see people saying they used the weaker WEP only because of that. For shame, Nintendo.

The 3DS works with WPA at least, apparently.)

Igor Rizvi?

Btw: check this out : http://prntscr.com/h6qf5 :)))) very nice!

scott boyer

just updated my programs thanks for info

Curtis C.

Thanks for the info!

Adrian Rea

Make a backup of your data – it is one thing to have your data stolen, it’s even worse if it is gone and you don’t have a copy. This also gives you an idea how much and what you have given away and what may come back to bite you!
Encrypt your data – there is rumour round the internet now that previously military standard hard drive write-wipe deletion is not enough and so only keeping your stored data encrypted (and still write wiped at end of life) will it be safe from data thieves.

I never like to install updates automatically as I could go down to dinner mid document and come back to a restarted computer.

Chris Hoffman

Good tips. Also a good point about the restarts, that can be horrible.

Garey Boone

Good stuff Chris.

Manuel Guillermo López Buenfil

Another step: Install anti-theft software, like Prey. If your computer gets stolen and you want to get it back, then you better have a way to let them use it (like a guest account) while you gather information to recover it.

Chris Hoffman

Good idea. I don’t use anti-theft software, but I probably should.

Harish Jonnalagadda

Seems these days security concerns are everywhere! Thanks for the very timely article.

Mac Witty

Yes!! GRC Shields-Up test:
Your system has achieved a perfect “TruStealth” rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. …. But your system wisely remained silent in every way. Very nice.

Chris Hoffman

That’s the way it should work, it’d only be news if it didn’t!

Sam Kar

Nice checklist
I remember something similar was posted here recently.

Alex Perkins

The WPA2 can be broken too, it just takes longer.

Hhelibeb.Cnofne.2011

It’s basically the concept of all the security. There is nearly every time a way around it. The question is how long it takes and if it is worth it! :-)

Alex Perkins

Exactly, everything just takes time.

Chris Hoffman

Yup, Fort Knox can be broken into, too. It’s all about making it more difficult.

(Also, it’s like running from a lion — you just have to run faster than the other people. If you use WPA2 and your neighbors use WEP, no one’s going to try to crack your Wi-Fi password when they can easily get your neighbors’.)

Alex Perkins

Nice explanation there, I live in the country with no neighbors but still use WPA2. ;-)

Yash Desai

why is it better to use a user with limited permissions?

Hhelibeb.Cnofne.2011

The idea behind limited permission is that the virus/worm/… whatever bad thing you catch on the internet does not have the permission to get into the deep core of the operating system. You know as well malware is bound to the limited permissions. So that can make the difference between a malware being detected and easily removed without destroying a lot OR getting a malware that is a pain to remove and could cause a lot of damage!

Chris Hoffman

Yup, it makes things more difficult for malware. They can’t just start modifying system files because they’ll also start with limited permissions. You may see a suspicious UAC prompt and that can flag you to the problem.

Keith Swartz

Good article, Chris! Whoever wrote “I learn something new everyday” must have been an avid reader of MakeUseOf! Thanks, yet again!

Gordon Hay

thanks for the link to the GRC site – very reassuring to know that my protection is as good as it gets!

Mike

I just encrypted my wifi so it’s private to me thanks to this lovely guide, thank you so much for the tips

Chris Hoffman

Good to hear!

Shubharup Ganguly

These steps should be enough for the regular user, but the advanced user requires some more measures.
1) Try to use a VPN, TOR or any such encryption service at all times. Even with the toughest security measures, you’re vulnerable if you’re over an un-encrypted line.
2) Use a RAMDISK. I’m not gonna go into detail about what it is, because a simple Google search can tell you more than I know about it. If you use a RAMDISK, your cache, history, password and all such data that the browser or rather any other application stores in the temp folder is cleared and wiped clean. It’s a very effective security method.
3) Change your browser profile to something very un-ordinary. It’s a long shot, but certain malware are designed specifically for common browser profiles. An unfamiliar profile will keep such pieces of code at bay.
4) I cannot stress this enough, but ALWAYS do a weekly virus scan. I keep Comodo on top priority mode at all times, yet I do a weekly scan on Sunday evenings. I prefer and recommend MalwareBytes, especially because it has very up to date virus definitions.
5) Everybody has a tool in their toolbox which they prefer not to use. It’s called Common Sense. Use it, and you’re good to go.

sachin goral

I usually keep funny palindromes as my passwords, remember em always…
