We all know that it’s important to have secure passwords for all of the online services that we use, but making sure that all those passwords are unique and that all the data that we transmit over the web is encrypted and secure is challenging – and it’s also inconvenient.
Here are a few things that you can do to make yourself more secure online.
1. Check to see if your email address has been a part of a breach
It’s likely that some of your email accounts have been compromised. Visit haveibeenpwnd.com, type in your email address and you’ll find out immediately if any of your accounts have been a part of a major breach.
If your account has been part of a major breach, change your password for that service! I typed in my personal and work email addresses and found out that they’d both been part of multiple breaches. 🙁
2. Research and get a Password Manager to generate and secure your passwords
Passwords are the most vulnerable point of our internet security. The password is the door to the house where we store all of our valuable data.
While some security experts recommend changing your passwords regularly, that assumes that users have the same password for every one of their accounts. Rather than worrying about regularly changing passwords, you should have unique passwords for each service you use. That way when one of your passwords is compromised, it doesn’t give an attacker access to all of your accounts.
When creating new passwords, you want passwords that are:
- Have never been used
- Contain no personal information
- Contain no dictionary words
It’s hard to think of strong, complex passwords that satisfy all those criteria – and when you have unique passwords for each service you use, where do you store them? Using a password manager, like Dashlane, LastPass, or 1Password to generate passwords makes creating unique passwords for each service you use more convenient.
Watch this clip from the Security Literacy course to learn more about some of the challenges involved in creating ‘good’ passwords.
3. Enable Two-Factor Authentication
Two Factor Authentication, also known as 2FA, is an extra layer of security that adds an extra layer of security to your login process. In addition to a username and a password, 2FA requires you to enter an additional password that only you would have access to. Normally this means entering an additional code received from an app or through a text message, which can be very inconvenient – but I think it’s worth the tradeoff to make your accounts more secure.
You should add 2FA to all of your most sensitive accounts if it is available. In a quick online search, I found a service called TwoFactorAuth.org that lists websites and whether or not they support 2FA.
4. Understand how you’re being tracked online
Your browser activity is constantly being tracked. Learn what services are tracking your activity by visiting panopticlick.eff.org and installing the PrivacyBadger extension.
With the PrivacyBadger extension, you can see exactly what services are tracking your browser activity and block them.
Thanks for taking the time to read this short piece about being more secure online.
I’m not a security expert by the way – I learned everything that I’ve posted here by taking the 84-minute Security Foundations course at Treehouse, written by Greg Stromire, a software engineer at Tozny.
The entire course also covers the most common types of online attacks to avoid, data encryption, the importance of VPNs, and how to create threat models.