(The following is adapted from Hack-Proof Your Life Now! by Sean M. Bailey and Devin Kropp.)
A finger tap is the most common and necessary action we take on our computers and devices. It’s also the most dangerous.
Cybersecurity — the personal behaviors and actions you take to protect yourself in the online world from identity thefts, frauds and other crimes aimed at stealing your personal information and data — is a serious personal issue. So we all need to know how to protect ourselves. Below are five action steps to do it; most take 10 minutes or less. (The book has 13 more.)
Action Step 1: Create a Secret Email Address
Estimated completion time: Less than 10 minutes
A password manager will enhance your safety and make your online life easier by eliminating the need to clog your brain remembering weak passwords.
Creating a secret email address will boost your security by reducing the number of places hackers may find the email you use for your financial accounts.
Email address: Avoid using any personal information about yourself when you create your email address — the portion that comes before the @ sign.
Password: Naturally, for your secret email, you’ll want a very strong password. Include some numbers and symbols.
Two-step protection: Set up your account so it has a two-step login process, which all good email providers offer.
Password reset: If offered, choose the safer telephone recovery option to reset your password. If not, make certain you pick a password reset question that’s difficult to guess.
Action Step 2: Get a Password Manager
Estimated completion time: Less than 30 minutes
A password manager will enhance your safety and make your online life easier by eliminating the need to clog your brain remembering weak passwords. It lets you store your passwords in an encrypted file on your computer or in the cloud, protecting all your passwords with one strong master password. Be sure to familiarize yourself with the way your password manager works and how it appears on your computer and devices.
Most password managers have paid and free versions of their software. The free versions usually work only on one device; with a paid version, you can sync your password manager to your computer, smartphone, tablet and any other device you use.
Some options include: Dashlane (its paid version is Dashlane Premium, costing $39.99 a year); LastPass, which stores your encrypted passwords in the cloud rather than on your local device (its paid version is LastPass Premium, costing $12 a year); 1Password ($64.99 purchase for a single user; $5 a month for up to five people with 1Password Families); iCloud Keychain, which is Apple’s free password manager for certain iPhones, iPads and Macs and KeePass, a free open-source program you can download and use on all your devices.
Action Step 3: Tighten Your Privacy Settings on Social Media
Estimated completion time: Less than 10 minutes
The fun in social media involves sharing news and photos with your friends and family. Unfortunately, hackers have taken advantage of people’s loose security settings to obtain their personal information to use in hacks and other frauds.
Good cybersecurity requires having strong privacy settings. Review yours on all your social media profiles, including these:
Facebook Click the triangle next to Account, select Settings and then Privacy. Select the privacy option that best fits your needs. Facebook also has a feature called Privacy Checkup, which can also be found in the dropdown box on the upper-right corner of your Facebook page. It lets you check and edit your basic privacy settings in one place.
Facebook’s two-step verification is called Login Approvals; it requires you to enter a code sent to your mobile device when logging in to your Facebook account from an unrecognized device. You can opt into Login Approvals by choosing Account Security in your Account Settings page.
Twitter The default Public setting means anyone can see your tweets and follow you without your approval. However, by setting your Twitter account to Protected, only those you’ve approved as followers can view your tweets. Go to the Security and Privacy Setting section on your Twitter feed, find the Tweet Privacy section and check the box next to Protect My Tweets. You’ll need to enter your password to save the change.
Twitter has Login Verification, which sends a six-digit code to your mobile number on file when logging in to your account. Go to the Account Settings page of your Twitter account and select Verify Login Requests. You’ll be prompted to enter your phone number and a confirmed email address.
Action Step 4: Use Free Public Wi-Fi Cautiously
Estimated completion time: Less than five minutes
While it’s okay to use free Wi-Fi — except for checking your email or conducting financial transactions — if you need to use public Wi-Fi often, you should have a Virtual Private Network (VPN). This program will encrypt your activities, preventing thieves from watching and recording what you do.
Some free VPNs will give you basic security, but are usually supported by ads. You can also purchase a subscription to a virtual network service, for $2 to $10 a month. Paid VPN services typically work on up to five devices.
You’ll want to use a VPN app not just for your computer, but for your smartphone and tablet if you use free Wi-Fi often.
A few VPN services to consider: NordVPN ($48 a year); Private Internet Access ($39.95 a year), Spotflux Premium ($37.99 a year or $29.99 for one device); HotSpot Shield Elite ($29.95; also comes in a free version) and CyberGhost (free with ads).
Action Step 5: Secure Your Home Wi-Fi Network
Estimated completion time: Less than 60 minutes
To secure your home Wi-Fi network, you’ll need to gather some information about your router: its name (typically under the router); its model number (same place) and its IP address.
Next, create a new username and password. Then, find the Wireless Security or Wireless Network setting to change the wireless encryption type to the most secure option. Choose WPA2, WPA2-PSK or WPA2-ENT. Then, restart your router and reconnect all your divces.
Next, disable WPS (Wi-Fi Protected Setup). The WPS feature lets you quickly connect your devices to your home network without needing to enter your Wi-Fi password. If you don’t disable it, you will have a huge security hole.
To disable WPS, log in to your router again and look for Wi-Fi Protected Setup or WPS in the interface. From there, see your options for disabling WPS. If you can, disable WPS altogether. If you’re not allowed to do that, at the very least, disable the PIN or put a limit on the number of guesses someone can take before gaining access.
Finally, update your router’s firmware (a fancy word for the software installed on your router). This keeps your wireless network secure. Type your router’s IP address into your browser, then log in with your router’s username and password. Then you’ll see the firmware version your router currently runs. To see if it’s outdated, go to the router manufacturer’s site and click Downloads for the newest version of its firmware.
To update your firmware, connect your router to your computer with an Ethernet cable. Go back to your router’s Default Gateway landing page (you found it by entering the IP address) and click on the Security or Administration tab. Find Firmware Upgrade, open it and then Start Upgrade.