Basic Online Safety

I'm sure everyone here knows all this, but it still bears repeating. Be safe out there.

Image: Russian hacker wanted by the FBI.
Image: These people really do exist.

No matter to what lengths you go, you simply cannot be connected to the Internet without exposing yourself to bad actors out there who want as much data from you as they can accumulate.

Databases of stolen data are bought and sold like loaves of bread these days. Some of it is old stuff stolen last year, some of it is so new the theft hasn't even been discovered. The average person doesn't know which pieces of their online life are in whose hands.

I read literally every day of a new breach and theft of user ID's, hashed and open text passwords, drivers license, credit card, birthday, and other types of information. Some thieves are picky, some are not. A market exists for nearly anything they can get.

Here are a few things that anyone can do to help reduce their exposure:

  1. Use unique logins (usernames AND passwords) on every website.
    • Try to avoid using your email address as a login. Some sites require it. Many don't.
  2. Use a password manager to keep your passwords locked behind another private, unique, strong password. This then becomes one of the only passwords you have to memorize.
    • I use KeepassXC on Windows and Linux, and Keepass2Android on my phone. Free open source. Very solid. These use one password protected encrypted file which I can store anywhere I choose, including Dropbox, OneDrive and the like.
  3. Use Two-factor Authentication everywhere you can. Google it.
  4. Delete emails that are from people you don't know. There are exceptions, of course, but that is the general rule.
  5. Never, never, never click on that link unless you KNOW FOR CERTAIN who sent it, and can figure out the link actually points to a URL you trust. There are ways to do that. Google it.
  6. Use the same self-protection rules on the Internet that you use in the real world.
    • Be careful where you go. Some neighborhoods are just dangerous.
    • Be aware of your surroundings. This applies to both online and your physical environment.
    • Know who you are dealing with. Also hard, but not impossible.
    • Accept responsibility for knowing that everything you do will bring a consequence. Online consequences can be quite expensive.
  7. Change your email password frequently.
  8. Frequently change your passwords on critical sites like online banking, Amazon and other shopping sites you frequent.
    • When you use a password manager, this isn't hard or time-consuming. It can save your bacon, though.
  9. Create a disposable email address to use for those times you aren't sure you want to share your normal email address.
    • There are a few places like Gmail where you can still do this.
    • You can have multiple throw-away emails, too. You're not limited to one.
  10. Keep a healthy dose of suspicion everywhere you go online.
    • On a new site? Dig around at the bottom of the page. Look in the terms of service and the privacy policy. Legitimate sites will have a physical mailing address there. Of course that could be false. See if you can find the business on Google Maps using that address.
    • Any new person you meet online probably is not who they say they are. Sound too cynical? Not really.

There is no end to the measures you can take to protect yourself online. Just like in the physical world, you can add layers of protection until you literally can't move. That isn't practical, however, and we all will take some risks every day everywhere we go. If you follow these ten steps, you will improve your chances of surviving in the raw and unforgiving landscape of the Internet.

Good luck, and be careful out there.

link to home page