The MUO Security Checklist: What You Need To Do Right Now To Be Safe
Security can be an overwhelming subject – there are so many potential problems we need to think about when securing our computers, our online accounts, and our wireless networks. This list should help simplify things – follow this checklist and you’ll be well on your way to staying safe on a dangerous Internet.
Many security problems are caused by other people, whether it’s a company releasing software with dangerous security holes or a website getting hacked and leaking our passwords. While we can’t stop these problems from occurring, we can reduce the danger.
Use a User Account With Limited Permissions
Using an administrator user account with no protection – as most people did on Windows XP – puts you at risk. To be secure, you should be using a user account with limited permissions. This prevents programs from modifying your system without prompting you. If you’re using Windows 7 (or even Windows Vista), ensure you have User Account Control enabled. UAC allows you to use your computer with an administrator account, but you’ll still be prompted when programs want administrator permissions.
To check your UAC settings, click the Start button, type UAC into the Start menu, press Enter, and ensure the slider is set somewhere above Never Notify.
If you’re using Windows XP, using a standard user account may be a good idea – but this is more difficult, as most software assumes it has administrator access on Windows XP. If you’re using Windows XP, you should probably upgrade soon anyway – security updates for Windows XP stop in April 2014.
Use Good Password Practices
Many people use weak, easy-to-guess passwords online. Even if they don’t, they’ll re-use strong passwords on multiple websites. Both are dangerous.
Choose strong passwords that aren’t just dictionary words – select ones that would be difficult for a cracker or computer program to guess. You should also use good security questions – if anyone can get into your account by knowing the high school you went to (a publicly available piece of information), that’s a problem. For help choosing good passwords and security questions, check out:
- How To Create A Good Password That You Will Not Forget
- How To Create A Security Question That No One Else Can Guess
You should also be using a different password on each website. This is crucial. When a high-profile website becomes compromised – LinkedIn, Yahoo, Last.fm, and eHarmony have all had password leaks in the last year – crackers can look at the leaked list of email address/password combinations and try them on other websites. If you register for a website with your email address and use the same password you use for your email account, people can get into your email account easily. If you reuse the password on other websites, they can access those accounts, too. Using a unique password everywhere helps you limit the damage.
Store Your Passwords In A Password Manager
Remembering strong, unique passwords for every website can be difficult. That’s where a password manager comes in. We’ve talked about password management strategies before, and a password manager is one of the best. Some of the top password managers include LastPass, which encrypts your passwords and stores the encrypted file on LastPass’s servers, where you can access it from anywhere, and KeePass, which keeps an encrypted copy of your passwords on your computer – you’re responsible for backing it up, although you can synchronize it with Dropbox or another cloud storage service .
Set Up 2-Factor Authentication
If someone does get access to your password, two-factor authentication prevents them from accessing your account. With two-factor authentication, you’ll need more than just your password to log into a website – you’ll also need a special, time-sensitive key. These keys are often generated by a mobile app or sent to you via SMS. A variety of services support two-factor authentication, including Google , Facebook , Dropbox, LastPass , and Blizzard’s Battle.net .
Install Updates Frequently
You should be frequently installing updates for Windows and the other software on your computer, particularly web browsers and plug-ins like Flash and Java . While updates can be a hassle , they’re essential. The bad guys are constantly finding holes in software, which need to be plugged.
Setting Windows Update and the other software on your computer to automatically check for and install updates is an easy way to stay safe without thinking about it. To ensure Windows Update is set to automatically install updates, click Start, type Windows Update, and press Enter. Click the Change Settings link in the sidebar to view your update settings.
Use An Antivirus
An antivirus is an essential layer of protection. While you can try to stay safe by keeping your software updated, only visiting safe websites, and installing only trusted software, there’s always a chance something could slip through. A new security hole in your browser could be exploited, or a trusted website could have become compromised.
An antivirus program is another line of defense. You don’t have to pay anything for an antivirus – there are some great free options. If you have an antivirus installed, leave it on its default scanning settings, which will automatically scan everything in the background. Antivirus programs will generally perform regular, full-system scans, so you don’t have to worry about initiating any scans yourself.
Test Your Firewall
You should also be using a firewall – if you’re using a standard consumer router, it already effectively functions as a firewall. Even if you aren’t using a router, Windows comes with a firewall built in. To make sure your firewall is working properly, you can use the GRC Shields-Up test, which scans your IP address and detects if your firewall is blocking access to network ports.
Secure Your Wi-Fi
Securing your Wi-Fi network is particularly important. If you choose the wrong settings for your Wi-Fi networks and leave it open to the public, you could have all sorts of problems – everything from people snooping on your web browsing activity to people using your Internet connection for illegal things that would be traced back to you.
Ensure you’re using encryption for your wireless network – you should have to enter a passphrase when you connect a new device to your network. You should also be using WPA or WPA2 as your encryption type – the older WEP encryption can be broken.
To change your encryption settings, navigate to your router’s web administration page (you’ll find instructions to access this page in your router’s manual) and look for the wireless security section.
Do you have any other security tips to share? Leave a comment and let us know what you do to stay safe online.
Image Credit: Tick Mark on a Green Lock via Shutterstock