Internet Security Tips

 ( 6 min read ) 

Alright, you know why you're here. (I hope.)

You've read online about the bad things that can happen to your accounts and data. I hope you've seen some news about hackers and people losing their data, identity, money, or more. Getting "hacked" is becoming more and more common.

Credit Cards have been stolen. Accounts on Twitter, Amazon, Apple, Steam, eBay, Skype, and many, many more, have been hijacked. Millions of credentials have been leaked online for other predators to use. It just doesn't seem to end!

So what can you do? How do we protect ourselves from unknown assailants across the internet? How do we stop this from happening?

The short answer is, you can't.

There will always be, a continuous stream of events in which, data, accounts, money, and identities, are stolen. Think of a blizzard with ice, sleet, and snow, pounding away during the winter months. Can you stop it? Can you stop the icy wind from blowing? No. But you can find shelter. You can buy warm clothing and gloves to combat the freezing temperatures. Rather than get blown over by the storm, you stand strong and endure it. This is what you do with your internet accounts. Harden them, and rest knowing that your data is secure and your accounts are safe.

Some of these may seem silly. But to thieves this is the kind of behavior they hope for.

 

Here are my Internet Security Tips:

  1. Don't write passwords down on paper or save in a file. No matter how convenient it may be.

  2. Use unique and strong passwords for each service that is important to you. Check how strong your passwords are here.

  3. Use 2-Factor authentication as much as you can. Either by email, fingerprint, USB key, or Phone number. Check 2FA websites here.

  4. Never use 1Password, LastPass, or Browser "remember password?" services. They create a single, critical, vulnerability point.

  5. Never put super important info in Cloud services like DropBox, Google Drive, OneDrive, etc. If you have to transfer files, use an encrypted USB drive.

  6. Hide personally identifiable information from your Social Networking accounts. (e.g. don't let Facebook share your phone number or email. Only show what you're willing to tell complete strangers.)

  7. Create a throwaway/junk email account for unimportant services. (e.g. Clothing store subscriptions, newsletters, shopping receipts, forums, video games.)

  8. [Desktop] Set a strong password on your (Windows) PC account. Do not auto-login when the PC boots up. And do not set the "hint" to give away the password.

  9. [Desktop] Encrypt super important files with a password / Or your entire hard drive.

  10. [Desktop] Pro PC users will want to set a BIOS password. This means you would need to enter a password as the PC turns on, before it even starts the OS (Windows). Its not going to stop an experienced thief, but it will slow them down.

  11. If you're paranoid, use a VPN or Proxy network connection to hide your web browsing. Beware of *free* VPN services. Only use paid services from reputable companies. Not all VPNs are equal.

  12. [Mobile] Don't use easy 4-digit pin or swipe lock features on smartphones. Set a 8+ character password instead. Also, if you can, enable the auto-wipe feature if too many passwordd attempts are failed.

  13. [Mobile] If you're selling an old smartphone or laptop, be sure to wipe all data off of it first.

  14. [Home] If you have WiFi at home, then secure it with WPA2-AES and set a strong password.

 

While not a complete list of everything under the sun, this should be a good start to securing your data.

Don't feel like you have to do all these things. I don't even do all of them myself. Just do what you're comfortable doing, and protect what's important to you.

I have dozens of accounts online, and even I don't remember the unique passwords I set for each of them. Some accounts like Facebook, my bank, credit card, and email, I have memorized. Others, like that Windows XP forum account that I created back in 2008, I have long forgotten. But I can at least recover that password if I wanted to. The point being: Protect what's important to you.

I don't care about most of my online accounts. I only lockdown about a dozen accounts I have, with 2-Factor authentication, phone number, USB PKI token, etc. Only the data on a few accounts is of actual importance to me, and I make sure to protect it as much as possible. Other accounts, like Twitter, LinkedIn, or random forums, I have 0 sensitive information stored on. I have nothing to lose with those. By the way, if you've reused passwords across multiple accounts, this is where things get stolen. See #2 in the list. Hackers love it when users set the same email and password for all their internet accounts.

Don't get blown away in the storm. Protect your data.



Published: Jun 3, 2016
Category: privacy
Tags: security, 2FA