10 Simple Things You Can Do to Be More Secure Online
1. Install an Antivirus and Keep It Updated
Ransomware encrypts your files and demands payment to restore them. Trojan horse programs seem like valid programs, but behind the scenes they steal your private information. Bots turn your computer into a soldier in a zombie army, ready to engage in a denial of service attack, or spew spam, or whatever the bot herder commands. An effective antivirus protects against these and many other kinds of malware. If your antivirus or security suite doesn’t have ransomware protection, consider adding a separate layer of protection. Many ransomware-specific utilities are entirely free, so there’s no reason not to try a few of them and select the one that suits you best.
2. Explore the Security Tools You Install
Many excellent apps and settings help protect your devices and your identity, but they’re only valuable if you know how to use them properly. Understanding the tools that you assume will protect you will go a long way toward them actually protecting you. For example, your smartphone almost certainly includes an option to find it if lost, and you may have even turned it on. To be totally sure your antivirus is configured and working correctly, you can turn to the security features check page on the website of the AMTSO (Anti-Malware Testing Standards Organization). Each feature-check page lists the antivirus tools that should pass.
3. Use Unique Passwords for Every Login
One of the easiest ways hackers steal information is by getting a batch of username and password combinations from one source and trying those same combinations elsewhere. The single best way to prevent one data breach from having a domino effect is to use a strong, unique password for every single online account you have.Creating a unique and strong password for every account is not a job for a human. That why you use a password manager. Several very good password managers are free, and it takes little time to start using one. For-pay password managers generally offer more features, however. When you use a password manager, the only password you need to remember is the master password that locks the password manager itself. When unlocked, the password manager logs you into your online accounts automatically. That not only helps keep you safer, but also increases your efficiency and productivity.
4. Get a VPN and Use It
Any time you connect to the Internet using a Wi-Fi network that you don’t know, you should use a virtual private network, or VPN. A VPN encrypts your internet traffic, routing it though a server owned by the VPN company. That means nobody, not even the owner of the free Wi-Fi network, can snoop on your data.Using a VPN also hides your IP address. Advertisers and trackers looking to identify or geolocate you via that IP address will instead see the VPN company’s address. Spoofing your location using a VPN server in another country can also serve to unlock content that’s not available in your own region. The upshot is that if you connect via Wi-Fi whether it’s on an laptop, phone or tablet you really need a VPN.
5. Use Two-Factor Authentication
Two-factor authentication can be a pain, but it absolutely makes your accounts more secure. Two-factor authentication means you need to pass another layer of authentication, not just a username and password, to get into your accounts. If the data or personal information in an account is sensitive or valuable, and the account offers two-factor authentication, you should enable it. Gmail, Evernote, and Dropbox are a few examples of online services that offer two-factor authentication. If you just use a password for authentication, anyone who learns that password owns your account. With two-factor authentication enabled, the password alone is useless. Most password managers support two-factor, though some only require it when they detect a connection from a new device. Enabling two-factor authentication for your password manager is a must.
6. Use Passcodes Even When They Are Optional
Apply a passcode lock wherever available, even if it’s optional. Think of all the personal data and connections on your smartphone. Going without a passcode lock is unthinkable.Many smartphones offer a four-digit PIN by default. Use biometric authentication when available, and set a strong passcode, not a stupid four-digit PIN. Remember, even when you use Touch ID or equivalent, you can still authenticate with the passcode, so it needs to be strong.Different Android devices offer different paths to setting a strong passcode. Find the Screen Lock settings on your device, enter your old PIN, and choose Password. As with the iOS device, add a strong password and record it as a secure note.
7. Pay With Your Smartphone
The system of credit card use is outdated and not very secure at all. That’s not your fault, but there is something you can do about it. Instead of whipping out the old credit card, use Apple Pay or an Android equivalent everywhere you can. There are tons of choices when it comes to apps. In fact, we have an entire roundup of mobile payment apps. Setting up your smartphone as a payment device is typically a simple process. It usually starts with snapping a picture of the credit card that you’ll use to back up your app-based payments. And setup pretty much ends there; you’re ready.Point-of-sale terminals that support smartphone-based payment usually indicate the fact with an icon, from a picture of a hand holding a smartphone to a stylized representation of a radio wave. Just place your device on the terminal, authenticate with a thumbprint, and you’ve paid up.
8. Use Different Email Addresses for Different Kinds of Accounts
People who are both highly organized and methodical about their security often use different email addresses for different purposes, to keep the online identities associated with them separate. If a phishing email claiming to be from your bank comes to the account you use only for social media, you know it’s fake. Many sites equate your email address with your username, but some let you select your own username. Consider using a different username every time, your password manager remembers it! Now anyone trying to get into your account must guess both the username and the password.
9. Clear Your Cache
Deleting cookies may cause trouble for some websites you may lose any personalization you’ve applied. Most browsers let you list favorite websites whose cookies shouldn’t be tossed. To better protect that information that may be lurking in your Web history, be sure to delete browser cookies and clear your browser history on a regular basis. It’s easy. In Chrome, Edge, Firefox, Internet Explorer, or Opera, simply press Ctrl+Shift+Del to bring up a dialog that lets you choose which elements of browser data you want to clear.
10. Turn Off the ‘Save Password’ Feature in Browsers
Browsers include a built-in password management solution. We at PCMag don’t recommend them, however. We feel it’s best to leave password protection to the experts who make password managers.When you install a third-party password manager, it typically offers to import your password from the browser’s storage. If the password manager can do that, you can be sure some malicious software can do the same. In addition, keeping your passwords in a single, central password manager lets you use them across all browsers and devices.