How Secure Are You Online: The Checklist
Think you do enough to secure your passwords, browsing, and networking? Prove it.
Not all computer security is about tin foil hats and anonymous browsing. Everyone who uses a computer has a horse in the security race. For the purpose of this post, we're breaking down online security into four essential parts: passwords, browsers, at-home Wi-Fi and networking, and browsing on public Wi-Fi. Within those categories we'll give you a checklist of everything you should do, from the bare minimum to the tin-foil-hat best.
Think you've done your due diligence with your security? Jump to any of the four sections below to see how you stack up (and boost your security where you may be lacking):
Password Security Checklist
Password security has been popping up a lot in the news recently, but how much you should care is entirely dependent on what you do online.
The Bare Minimum of Password Security
Just because you don't use a lot of online services doesn't mean you can neglect basic password security. Sure, you don't need to take any complicated measures, but everyone should at least do a couple things.
- Pick strong passwords: Regardless of what your password is for, it's always good to pick a strong, random password. Don't use your child's name, or a birthday.
- Use unique passwords for every site: Don't ever reuse the same email and password combo on multiple services. It might seem like it doesn't matter, but if a hacker gets your account information on one site, that means they can use that login information on every other site you're registered at. Keep all your passwords different.
- Use Should I Change My Password? to track security breaches: If you don't keep up with tech news you probably don't see most minor security breaches. To help out, the webapp Should I Change My Password? notifies you when a major service is hacked.
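One way to check the first two items against your own accounts, as an added example that is not part of the original article: it reads a password export and reports which sites share a password and which passwords are short. The sample rows are constructed, and the column names (`site`, `username`, `password`) and the 12-character threshold are assumptions.

```python
import csv
import hashlib
import io
from collections import defaultdict

# Constructed sample export; real exports vary, the column names are an assumption.
SAMPLE_EXPORT = """site,username,password
mail.example,alex@example.com,Tr0ub4dor&3
shop.example,alex@example.com,Tr0ub4dor&3
bank.example,alex@example.com,"k7#Vq,9wLz!e2RpXm"
forum.example,alex_k,emma2009
"""


def audit(export_text, min_length=12):
    """Return (reused, weak).

    reused maps a short password fingerprint to every site that shares it;
    weak lists the sites whose password is shorter than min_length
    (the threshold is an assumption, not a figure from the article).
    """
    by_password = defaultdict(list)
    weak = []
    # csv.DictReader handles quoted fields, so passwords containing commas survive.
    for row in csv.DictReader(io.StringIO(export_text)):
        password = row["password"]
        # Fingerprint the password so the report never echoes it in clear text.
        tag = hashlib.sha256(password.encode("utf-8")).hexdigest()[:8]
        by_password[tag].append(row["site"])
        if len(password) < min_length:
            weak.append(row["site"])
    reused = {tag: sites for tag, sites in by_password.items() if len(sites) > 1}
    return reused, weak


if __name__ == "__main__":
    reused, weak = audit(SAMPLE_EXPORT)
    for tag, sites in reused.items():
        print(f"password {tag} is shared by: {', '.join(sites)}")
    for site in weak:
        print(f"short password on: {site}")
```

Delete the export file once the audit is done, since it holds every password in clear text.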
That's the minimum you should do if you want to play it safe and secure with your passwords. But you can do better than that. Let's step up your game.
Level Up: You're a Password Pro
If you're the type to conduct a lot of work online, then you need more complicated security measures. With that in mind, you should do the steps mentioned above, and a few other things.
- Use two-factor authentication whenever possible: Two-factor authentication is a simple way to tie an account to your computer, so you have to verify your identity when you log in from a different computer. Not all services have it, but Google, LastPass, Facebook, Dropbox, and more all do. Use it.
- Use a password manager: We get it, you have a lot of passwords and you don't want to remember them all. Instead of reusing the same junky password, a password manager is a simple way to save them all securely. We like LastPass, but KeePass and 1Password are equally solid solutions.
- Shut down and unlink services you don't use: If you're the type to try out a lot of different webapps or mobile apps then you probably have a ton of passwords scattered around everywhere. When you decide you don't want to use a service anymore, remember to delete your account. This way, if the service is hacked you don't have to fumble around trying to remember your login information. For added protection, make sure you clean up your app permissions on Facebook and Twitter.
- Use misleading password hints: Finally, don't answer password hints truthfully. Instead, you can use word association, or just pick a random response (that you'll remember).
If you're doing all of the above, your passwords are about as safe as they can get. Nice work, and stay vigilant!
Browser Security Checklist
With all your passwords in check it's time to ensure your browsing is both secure and private. Of course, many people don't care about privacy, but security—even after your passwords are in order—is still important.
The Bare Minimum of Browser Security
Password security is just part of the battle. You also want to make sure your browser is secure. This is what everyone should be doing:
- HTTPS Everywhere: You likely know by now that you should never hand over personal info unless you're doing so over a secure connection (HTTPS in the browser URL). The HTTPS Everywhere browser extension highlights secure sites, and ensures you're always on HTTPS whenever it's available (including on social networks, shopping sites, and more).
- Log out of your accounts: If you're sharing a computer in a house full of people, or you do most of your browsing on a public computer, always remember to log out of any account you use. It's a simple, obvious step, but it's worth repeating to yourself until you remember. When you don't log out of an account, you're giving authorization to snoop.
- Understand the basics of online fraud: Phishing scams, malware, and other nasty things are all easy to detect if you keep a cautious eye on what your browser is doing at all times. Be skeptical of odd emails, brush up on the FTC's guide to identity theft, and don't trust your personal information to any website that doesn't use HTTPS.
The basics of browser security are great for most people, but if you want to keep advertisers and The Man off your back, you need to take a few more measures.
Level Up: Keep Everyone from Tracking You
We know that pretty much everyone is tracking your every move on the web. The data collected from your browsing is used for ads, targeted coupons, and plenty more. Let's put a stop to that.
- Adblock Plus: Adblock Plus isn't just an ad blocking extension, it also helps keep the likes of Twitter, Facebook, and Google+ from transmitting data about you.
- Ghostery: Ghostery is an extension that's all about eliminating tracking cookies and plug-ins used by ad networks. With Ghostery installed, no advertiser can snoop on what you're doing online.
- Do Not Track Plus: Do Not Track is an extension that prevents sites with Facebook and Google+ buttons from tracking you. By default, a data exchange happens when you visit a site with one of these buttons, even if you don't click on them. Do Not Track stops that from happening.
The above extensions and measures can ensure you have a private and secure browsing experience. But if you really want to keep your browsing away from prying eyes, you have to go anonymous.
Next Level: Go Anonymous
Completely anonymous browsing isn't for everyone, nor is it for every situation. However, it can come in handy when you're torrenting, when you don't want to give away your location, and if you just plain don't like somebody watching over your shoulder. Here's what you'll need.
- Tor Browser: Tor is the easiest-to-use anonymous browser. When you use Tor for browsing, you don't get plugins, your traffic is automatically encrypted, and your browsing is always anonymous.
- Use VPN services to secure everything you do: VPN services are a great way to create secure connections across the internet. Using a VPN means you're encrypting all the data transferred online. We like Hamachi because it's incredibly easy to use, but any of these five will do the trick.
- Use BTGuard for anonymous torrenting: Peer-to-peer file sharing is great, but since it's often used for piracy you might want to keep your downloads private. BTGuard does just that through a proxy server (which helps keep you anonymous). The service is $59.95 a year, but it's worth it to avoid throttling from your Internet Service Provider.
Home Network Security Checklist
Once your internet data is secure it's time to secure your data on your home computer. This means backing everything up, and keeping your network safe from prying eyes.
The Bare Minimum of Network Security
If you don't use your computer for much more than browsing the web, creating a couple documents, and storing family photos, then you don't need to do much to keep everything safe.
- Keep your software up to date: Software updates aren't just about adding new features, they're often about patching security holes. Thankfully, the update process is very simple. On Windows, click the Start Menu > All Programs > Windows Update. On Mac, click the Apple menu, and choose Software Update. Both update programs run periodically on their own, but it's always good to check for a new update if you hear about a security issue.
- Change your router's security settings: If you're still running your router's default settings, then pretty much anyone can get into your home network and peek in on your computers. It's not hard to crack WEP passwords or WPA passwords, but you should at least enable a non-default password and network name on your router.
- Back up your photos and documents: Perhaps you're not all that worried about what would happen if your $200 computer dies because you don't do that much with it. Still, chances are you have a resume or some vacation photos on the hard drive. Backing up those few important files is easy. Cloud storage services like Dropbox, Box, and Skydrive take very little time to set up. Once you do, your few important documents will be saved online.
- Prevent downloaded software from installing automatically: Malware often comes in the form of a download you don't notice happening, but it's easy to stop. On Windows, disabling AutoRun can stop around 50% of malware threats, and all you need is the free software Disable Autorun. On Mac, downloads shouldn't run automatically, but if you're using OS X Mountain Lion you can set up Gatekeeper (System Preferences > Security & Privacy > General) to only allow applications from the Mac App Store for added security.
These are just the basics. If your computer is your livelihood, you need to do a few more things to keep your data secure.
Level Up: You're a Network Security Pro
Whether you work from home, or you're simply on a work computer all day long, keeping your data secure and safe is important. On top of everything above, you also want to add a few more security measures.
- Create automated backups with Crashplan: If your computer contains everything you need to work, then you need a solid full system backup solution. We like Crashplan because it's cheap, automated, and works on every operating system.
- Set folder specific permissions: If you're sharing your computer with a household of people, but need to ensure your work documents are safe, then setting up permissions is the easiest way to do it. In Windows, right-click the folder, go to Properties, and open the Security settings. Then click the edit setting and select your user name to lock the folder to you. On Mac, right-click a folder, click Get Info, and change the settings under Sharing & Permissions. For extra security, you can easily set up encryption with Truecrypt.
- Know how someone would break into your computer (and keep it from happening to you): It's surprisingly easy to break into a Mac. Once you know how someone could get into your system, it's relatively easy to prevent. On Windows, you can usually get away with a long password, and on Mac you can set up FileVault to secure your data (System Preferences > Security).
- Upgrade your router's security: As we mentioned above, hacking into a wireless network is incredibly easy. One way to secure your router is to upgrade its firmware with DD-WRT or Tomato. Upgrading your router can keep you safe from at least one type of hack.
The above is more than enough for most people on their home network, but what about when you need to leave the house?
Public Wi-Fi Security Checklist
Using public Wi-Fi exposes everything you do online (and your computer itself) to anyone else on the network. We've shown you how people sniff out your passwords on public Wi-Fi before, and it's surprisingly simple. Let's stop that from happening to you.
Bare Minimum of Public Wi-Fi Security
Let's say you occasionally check email on public Wi-Fi when your internet is down or you're on vacation. You're always tempting fate when you don't completely lock down your computer, but here's the minimum amount of effort you should always do.
- Always use HTTPS: We mentioned HTTPS Everywhere above, but it's worth repeating here. If you're checking your email, or doing anything else with a password on a public network, always use HTTPS.
- Turn off sharing: When you're at home you might share your files with other people on your network. That's great, but you don't want that on public Wi-Fi. Disable it before you even connect. In Windows, open Control Panel, then head to Network and Internet > Network and Sharing Center. Then click Choose Homegroup and Sharing Options > Change Advanced Settings. Turn off file sharing, print sharing, network discovery, and the public folder. On Mac, open System Preferences > Sharing, and make sure all the boxes are unchecked.
- Don't connect to Wi-Fi unless you need it: This might seem like common sense, but if you're not actually using the internet connection, turn it off. In Windows, right-click the wireless icon in the taskbar and turn it off. On a Mac, click the Wi-Fi button in the menu bar, and turn off Wi-Fi.
Doing these three things will keep most of your data secure when you're just popping in to quickly check your email. If you're using free Wi-Fi in a dorm or apartment building, you need a stronger solution.
Level Up: You're a Public Wi-Fi Pro
If you're on public Wi-Fi a lot, it's best to really lock down and encrypt your data. In addition to the steps above (particularly turning off file sharing and HTTPS), you can lock out anyone pretty easily.
- Encrypt everything with Hamachi and Privoxy: The easiest way to cut off outsiders from peeking into your private data when you're on a public network is with the free VPN Hamachi, and the web proxy Privoxy. Setup isn't much more complicated than a few clicks, and the end result is secure connections for all your browsing.
- Encrypt it further with an SSH SOCKS proxy: If you don't want to use a VPN, another option is to roll your own SSH SOCKS proxy. This encrypts all your web browsing and redirects it through a trusted computer.
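A check for the SSH SOCKS proxy setup, as an added example that is not part of the original article: it confirms that a local SOCKS5 listener (such as the one OpenSSH opens with `ssh -D`) accepts a connection request that carries the hostname itself, so the trusted computer does the DNS lookup instead of the public network. The listener port 1080 and the target `example.com:443` are assumptions.

```python
import socket
import struct


def socks5_connect_request(host, port):
    """Build a SOCKS5 CONNECT request (RFC 1928) with ATYP 0x03 (domain name).

    Sending the name rather than an IP address means the far end of the
    tunnel resolves it, so lookups do not leak onto the local Wi-Fi.
    """
    name = host.encode("idna")
    if not 1 <= len(name) <= 255:
        raise ValueError("hostname must be 1-255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack(">H", port)


def _recv_exact(sock, count):
    """Read exactly count bytes or raise if the proxy hangs up early."""
    data = b""
    while len(data) < count:
        chunk = sock.recv(count - len(data))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        data += chunk
    return data


def tunnel_works(proxy_port=1080, host="example.com", port=443, timeout=5.0):
    """Return True if the local SOCKS5 proxy relays a connection to host:port."""
    try:
        with socket.create_connection(("127.0.0.1", proxy_port), timeout=timeout) as sock:
            sock.sendall(b"\x05\x01\x00")  # version 5, one method offered: no auth
            if _recv_exact(sock, 2) != b"\x05\x00":
                return False  # proxy refused the no-auth method
            sock.sendall(socks5_connect_request(host, port))
            reply = _recv_exact(sock, 4)  # VER, REP, RSV, ATYP
            return reply[0] == 5 and reply[1] == 0  # REP 0x00 means succeeded
    except OSError:
        # Nothing listening, timeout, or the proxy dropped the connection.
        return False


if __name__ == "__main__":
    print("tunnel up" if tunnel_works() else "tunnel down: traffic is NOT going through the proxy")
```

Run it after starting the tunnel and before opening the browser; a browser pointed at a dead proxy may fall back to a direct connection depending on its settings.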
That's all you really need to do when you're on public Wi-Fi to keep your browsing encrypted and safe. However, you can take it another step and go completely anonymous.
Next Level: Grab Your Tin Foil Hat, We're Going Untraceable
Perhaps you really don't want anyone tracking what you're doing on a public Wi-Fi network or worse, public computer. This sounds nefarious, but it's handy for things like checking your bank account on a public computer.
The simplest way to go completely anonymous is with a custom build of Linux called Tails installed on a USB or CD. We've walked you through the setup process before and it's very easy. With Tails you get a custom operating system with built-in anonymous browsing, encryption for email and chat, file encryption, and a ton of software. You can load Tails up on your own computer, or a public one. With Tails, you not only browse without leaving a trace, you also secure everything you do.
Security is important to everyone from the tech illiterate to the tech savvy. The precautions you decide to take are your own choice, but always keep in mind that your security online is just as important as (if not more than) the security in your own home.