How to stay safe online (internet safety tips)
This article provides a few simple, important Internet safety tips that can help everyone to stay safe online.
Almost everyone uses the Internet now, but not everyone knows about the dangers of using the Internet.
Internet threats are increasing, and new threats are emerging every day.
From computer viruses to hackers to scammers to stalkers, you can find it all on the Internet.
That's why you should educate yourself and your family about how to stay safe online.
Tips for staying safe online
Keep your web browser updated
Most web browsers get at least once or twice a month updates.
These updates may include patches to fix security vulnerabilities in the browser, and this prevents hackers or malware (malicious software) from exploiting these security holes.
Use caution when using browser extensions
Browser extensions can be useful because they can extend the functionality of a web browser.
But there are also malicious extensions that can capture your passwords, track your Internet browsing activity, insert advertisements into web pages you visit, and infect your computer with malware computer viruses, spyware, trojan horse, etc.).
Even a popular and widely recommended browser extension can one day be hacked or sold and turned into a malicious browser extension.
Below are three examples of popular browser extensions that turned bad.
- Particle for YouTube was sold to a new developer who immediately turned it into Adware. [source]
- Web of Trust (WoT) recorded, collected, analyzed, and sold data about its users' browsing activities to third-parties without properly anonymizing the data, resulting in the personal identification of Web of Trust users. [source]
Use as few web browser extensions as possible, and only install extensions from developers you trust, like, for example, Google, Microsoft, or another trustworthy developer.
Also, take your time to read all the dialog boxes that appear when you install an extension and don't download browser extensions bundled with other applications.
Use strong passwords
You should use a strong password that's at least 20 characters long and includes uppercase and lowercase letters, numbers, and symbols.
Don't use a weak password like, for example, 123456, qwerty, test1, password, abc123, 123123, iloveyou, P@ssw0rd, or another weak password, because then even someone with basic computer knowledge can access your online accounts or encrypted data easily and quickly.
You can create a secure password by using a poem, lyric from a song, or a line from a movie.
Let's take the following lyric “Life is too short and I got no time to sit around just wasting it”.
- Take the abbreviation of the lyric. Passphrase becomes litsaignttsajwi
- Change a few letters to uppercase letters. Passphrase becomes LitSaignTtsajWi
- Change letters to numbers. Passphrase becomes LitSai9nTt5ajWi
- Add punctuation. Passphrase becomes !LitSai9nTt5ajWi$
Let's take the following line from the movie Braveheart “They may take our lives, but they'll never take our freedom!”.
- Take the abbreviation of the lyric. Passphrase becomes tmtolbtntof!
- Change a few letters to uppercase letters. Passphrase becomes TmtolbtntoF!
- Change letters to numbers. Passphrase becomes Tmt01btntoF!
- Add punctuation. Passphrase becomes $Tmt01btntoF!
You can make the password unique for all of your online accounts by adding letters to the beginning or end.
Let's say I'm going to create a password for Facebook.
I take the first letter of Facebook, the letter f, and add it to the beginning of the password. Like for example: f!LitSai9nTt5ajWi$. Or I add the @ symbol followed by the letter f at the end of the password. Like for example: !LitSai9nTt5ajWi$@f.
But I rather have different passwords for all my accounts. That's one of the reasons I use a password manager. Password managers have a password generator built-in, and with this feature, you can create strong, unique, complex, secure passwords easily and quickly.
A password manager generates complex passwords and stores them in an encrypted database.
With a password manager, you only need to create and remember one strong password to access all your other passwords.
Some examples of well-known password managers are LastPass, KeePass, DashLane, 1Password, RoboForm, and Bitwarden.
Don't reuse passwords
Remembering passwords is hard, and the easiest solution for many people is to use the same one for everything.
You trust your bank to securely store your account password, right?
But do you also trust your email provider and social media sites?
And what about that one site that you created an account on to enter a giveaway?
Using a unique password is an important part of protecting yourself on the Internet.
One option is an option I mentioned before, and that's using a password manager like LastPass, KeePass, DashLane, 1Password, RoboForm, or Bitwarden. Rather than remembering dozens of unique, strong passwords, you only need to remember a single master password, and the password manager handles the rest.
You can even let a password manager generate new passwords and update them on your sites to make switching over easier.
Enable two-factor authentication
Two-factor authentication (also known as 2FA, 2-Step verification) is an extra layer of security for your online accounts designed to ensure that you're the only person who can access your accounts, even if someone else knows your passwords.
If you enable two-step verification on, let's say, your Facebook, Twitter, or Gmail account and want to log into your account, then you will not only need a username and password, but also something like a code that you can get via SMS, an authentication app, special software, email, or in another way.
Only use SMS as a two-factor authentication method when there is no other option because SMS is the least secure option for two-factor authentication. But SMS is still better than no two-factor authentication at all!
A better, more secure way is to use an authentication app like Microsoft Authenticator, Google Authenticator, or Authy.
Protect your wifi network with a password
A WiFi network without a password is more convenient because you don't need to keep telling your friends what the password is when they hang out at your place.
You might not even care if your neighbors are using your WiFi network.
But do you know the risks of allowing anyone to access your WiFi network?
Many computers have different security settings based on how much you trust a network and also your home WiFi network.
Trusted networks typically let you share folders with other computers on the same network, which means that anyone on your wireless network could look at the files stored in these shared folders.
By protecting your home WiFi network with a password, you protect your computer and everyone else using your WiFi network.
You should use WPA2 or WPA encryption (WPA2 is the strongest) for your WiFi network and not WEP encryption.
Think about what you share online
Social media is all about sharing.
Have you ever considered what kind of information you are sharing on social media when you post a photo or a status update about your plans?
Photos include location information, which can tell anyone who can see them exactly where you took the photos.
Posting about your vacation plans lets people know when your house may be empty, which is ideal information for burglars.
Think about what you post and what people could learn from reading it.
Turn off bluetooth
Bluetooth can be really useful.
You can use it for hands-free calling in the car and also for wireless keyboards and headphones.
But what are the risks of using Bluetooth?
Bluetooth essentially keeps asking everything around it if they're available for a Bluetooth connection.
Under the right circumstances, this is fine since you can't typically connect to something via Bluetooth without entering a code from one device on another device.
But there are exploits (like BlueBorne) that can allow an attacker to access your smartphone or computer without even touching it.
So it's best to turn off Bluetooth when you're not using it.
Disable wifi auto-connect
The WiFi auto-connect feature can be useful.
You go to your favorite cafe or restaurant, and your device will automatically log into their WiFi network without having to do a thing.
That's really useful, right?
Have you ever thought about how that all works?
In a nutshell, your phone, tablet, or laptop saves the WiFi name and password and tries to log into a network when it finds one with that same name.
But what stops someone from creating a network with the same name and use it to infect your phone, tablet, or laptop with malware when you auto-connect to it? Nothing!
So it's best to disable WiFi auto-connect and only connect to WiFi networks that you know and trust.
Beware of public wifi networks
You're in a cafe and want to take care of a couple of things from your phone while waiting for your coffee.
You pull out your phone, connect to the cafe's WiFi network, and do your thing.
But have you ever considered the risks?
We've already talked about the risk of malicious WiFi networks, but what can go wrong on a trusted network?
You may know that HTTPS encrypts the data going to and from your computer, but did you know that it doesn't apply to the URL of the site that you're visiting?
Anyone in the cafe with the right equipment (which is cheap) can know what sites you're visiting.
Are you comfortable with anyone knowing every website that you're visiting?
The best solution for this is a Virtual Private Network (VPN).
What a VPN does is act as an encrypted tunnel between your computer, tablet, or phone and another network.
With a VPN, nobody on that public WiFi network can see anything about what sites you are visiting.
Maybe you're also interested in:
Windows 10 security tips and is Windows Defender good enough?
FreedomPress: The three types of passphrases
PixelPrivacy: The real life risks of re-using the same passwords
HeimdalSecurity: Why you should start using two-factor authentication now
NetworkWorld: The importance of wireless security
HuffingtonPost: Three good reasons to lock down your wireless network
GOV.UK: Think before you share online
Techcrunch: New bluetooth vulnerability can hack a phone in 10 seconds