As safe as you might feel sitting at your laptop, happily typing and posting and scrolling, we all know the truth: the internet is a giant hellscape full of spies, criminals, ransomware and all kinds of other dangerous things.
Indeed, if this year taught us anything, it’s that the web is a terrifying place and nobody is safe.
Thus, if you want to try to keep your online life private, secure and safe (or, at least, safer than it currently is), we’d like to present you with some fundamental, potentially helpful suggestions.
Update, Update, Update
One of the easiest ways to get hacked is to forget to update your applications. When companies send you an update, they’re not just trying to annoy you. Updates often have essential security patches designed to thwart the exploitation of vulnerabilities in their software. (All software has vulnerabilities, they just haven’t all been discovered yet.) When you update your phone’s OS, browser, or application, you’re generally keeping the hounds at bay by ensuring your online life is appropriately fortified. So, do it RIGHT NOW!
Enact 2FA and Use a Security Key
You’ve probably heard it before but we’ll repeat it: that two-factor authentication is an excellent idea. In essence, 2FA is just a way to ensure that the person logging into your online accounts is you. Many online accounts will give you the option to enact 2FA (check out Twitter’s how-to, for example). Generally speaking, you will be asked to provide another piece of identifying personal information – like a texted code to your phone or a biometric identifier – to ensure you are who you say you are.
However, we would argue the best way to set up 2FA is by investing in a security key. Security keys are small, portable pieces of hardware that can be synced with your online accounts, ensuring that the only way to get into those accounts is to be in possession of the physical key. After syncing, logins will prompt you to insert your key into whatever computer or device you’re using. If you don’t have the key, you can’t get in. Luckily, most devices are small and portable and can be hung around your keychain, ensuring that it’s never far from you and it’s difficult to lose.
Encryption is the best way to ensure that whatever you are doing online remains private. In short, encryption ensures that if your data ever does get swiped or intercepted, the person stealing it won’t be able to make heads or tails of it. That’s because encryption transforms information into incoherent cryptographic symbols that, when done correctly, can only be decrypted by trusted parties.
To start, encrypted email services are always a good idea. You may have to shell out a small amount of money to subscribe but, in general, it’s worth it. You’ll need to do some of your own research, but there are several options: ProtonMail, Tutanota and Private-Mail are all popular options and good places to start.
Meanwhile, an encrypted chat function is also a good idea. If you want to text someone, just use Signal. For the most part, it’s hard to find anything to complain about when it comes to Signal. The end-to-end encrypted messaging service is super effective at keeping communications private and secure. They retain virtually no information about you once you make an account – making it a privacy must.
Finally, you can even encrypt the data on your desktop or laptop so that if someone does try to steal your data, it’ll pretty much be useless to them. You will need to look up how to do this on your individual device, for example, Apple offers FileVault which allows you to easily encode the data on your startup disc – making it impossible to view without your login approval.
Try a Password Manager
A strong password is a good security mechanism but it means nothing if somebody steals it or you forget it. Thus, many people use password managers – programs specifically designed to catalog and protect the precious codes.
You can subscribe to a paid password manager service which generally gives you greater control over your codes and better security. There is a variety to choose from: LastPass, Keeper, Bitwarden, 1Password and many others. Such subscription-based managers will ask you to create a “master password”—the password to get inside the password manager. On top of this, your best bet is to sync your password manager with a 2FA security key, thus allowing for interlocking security mechanisms.
Let us know in the comments how you stay safe by protecting yourself from getting hacked.