So it’s 2019. Guess what? There’s more information security threats than ever. These can put you at risk. Risk of losing your identity, funds and privacy. There are a few easy steps you can take to protect yourself. A lot of them are quite simple, and involve reviewing and cleaning up your online presence. In this post I will cover some simple ways to improve your personal security posture.
Disclaimer: This is advice based on my personal research, and is not exhaustive of all the security practices you should consider.
A Proper Password Manager
- Download the password manager’s browser extension to your browser of choice. This will allow you to add and use passwords on the fly on your laptop or desktop. Here’s a link to download 1password extensions.
- Download the password manager’s mobile app. This will allow you to access passwords for your phone, and on the go.
- Delete any online documents where you wrote your passwords. Shred any piece of paper where you wrote your passwords
Now a password manager is no good if you don’t take care of your master password. This is the password to your password manager, that protects ALL your passwords. They might also give you a secret key. Here’s what to do with these credentials.
- Don’t email credentials to yourself, or write it down in a document on your computer/in the cloud
- Don’t take a picture of credentials with your phone
- Do write it down on paper and store it somewhere secure
- Do consider writing down a second copy to store in another place or give to a trusted friend/family member
Ensuring your master password is secure ensures your vault of passwords is secure.
Change ALL old passwords once you have a Password Manager
One amazing feature of password managers is automatic entering of passwords without typing. Since you no longer have to type a complex password you should now create strong passwords. Block off an hour of time and do the following from your computer with a browser + password manager extension.
- Go to every site you can think of, login, and save the credentials to your password manager. Really rack your brain on all the sites you use
- Once complete, open up your password vault and open up a website
- Go to the website’s settings, and find the change password section
- Use the password managers “password generator” feature to get a strong password, and then save it
Repeat the steps above for ALL of your accounts. You may want to generate a new password every time, or, re-use some of the same strong passwords. It’s up to you.
Here is a quick priority order of the types of websites you should focus on setting strong passwords for.
- Financial accounts
- Social media accounts
- Online stores or any website that has your credit card info
Clean up email accounts and cloud storage
Put yourself in this scenario. Someone hacks your old email account that you never use, that has been around for 20 years. It’s likely you have some stuff in there that shouldn’t be there. This includes old passwords, personal information and sensitive data. Being messy here can help a hacker gain further access to the accounts you actually do care about.
But since it’s old, you don’t care about it, and never think about it.
It’s totally worth it to go and clean this up! Spend a few hours searching through your accounts and deleting items. Make sure after you delete them, also clear the trashcan. Here are some quick tips to find things to consider deleting:
- Emails that you sent to yourself (could have credentials)
- Emails with attachments you sent or received
- Documents with logins or passwords
- Pictures of your passport or licenses
- Personal documents
- Financial information
Be weary of third party apps (e.g. Facebook games, browser extensions, etc.)
That quiz on facebook that tells you what type of animal you are?
That browser extension that gives you awesome coupon codes to save money?
Be careful. Add-ons and apps like this could be collecting too much data, or even have malware and other security threats. To be safe, keep use of these types of applications to a minimum, and only use apps from trusted sources.
Don’t get phished
What’s Phishing again? It’s when someone sends you a deceptive email trying to trick you into clicking a malicious link. These can be very tricky and convincing. Phishing emails often mock someone you know or a popular website like Google, Facebook, etc.
If you are suspicious, delete it. Also, a good way to check is hover over (but don’t click!) any links. When you hover over, you will likely see that the real URL is not what you think it is, and it is a malicious link.
Always be vigilant
One of the best things you can do is adopt a vigilant mindset for when it comes to personal security. Be careful what you use, click and sign up for. If something looks suspicious, don’t touch it.
I hope you learned some basic about personal internet security. If you have any questions, feel free to ask in the comments.