Every day we interact online in a lot of ways. From social media platforms like Facebook to professional networking platform like LinkedIn, a lot of our information is available online.
In addition, we use cloud storage services like Dropbox, Google Drive, and OneDrive. And let alone our email accounts from Gmail, Outlook, and Yahoo.
In the past, billions of yahoo user accounts were compromised. Sure, tech giants like Google, Microsoft, and Amazon practice best security measures. But somehow, hackers find a way to exploit these systems and steal user information and credit card details.
Ask yourself one question: how bad your situation would be if just your email account is compromised?
Sounds scary, right?
As the old saying, prevention is better than cure; it is better to tighten your online security. And mind that leaving loose ends possess a high risk of getting hacked.
In this article, we explain some best practices and tips to follow that help you protect your information online.
Use A Strong Password
A strong password does not only mean that it should have an alphanumeric combination along with symbols. The password you are using must be different from what you have used elsewhere.
For example, your Gmail password should not be as same as your online banking login. Or your Facebook login credentials should not be as same as that of your Dropbox account.
Moreover, avoid using any personal info in the password combinations. It is not uncommon for many people to use his child or spouse name along with a date of birth. When that happens, you are giving hackers a free pass.
The hackers can easily guess your password within a few tries, and nobody can guess what happens next when your social media or banking accounts get hacked. Whatever it is, the consequences will be the worst you can imagine.
So, use a gibberish password so that it’s very hard for guessing. But you may ask, I have ten different accounts, how do I remember the passwords for each one of them, that too with such complex password combinations?
The answer is simple: use a password manager.
A password manager stores all your passwords with strong encryption. Only you can decrypt those passwords, even the people who design the password manager cannot decode. Because only you will have the secret key to decrypt.
So, don’t lose the secret key. Otherwise, you will have a hard time recovering all the accounts as you lost or could not remember all the passwords.
Access Only Secured Website
Millions of websites are available out there on the internet. All the time we search on google for the information, and we click on the top results.
By default, Google gives a better ranking for the sites that are secured.
A secured site is nothing but having an HTTPS URLs and with valid SSL certificate.
When you have visited a secured website, browsers like Firefox and Google Chrome will display a solid padlock. If the site is not secure, Firefox will display a slash on the padlock instead of the green padlock, and Google Chrome shows ‘Not Secure’ text.
Some sites also use EV SSL certificate validation. EV SSL is a highly secured certificate. To get an EV SSL certificate, a site must go through rigorous checks and verifications.
When you have visited a site with EV SSL validation, the address bar in your web browser will show the registered name of the company that is maintaining the site.
But sometimes, even Google shows results of a non-secured website because of the unavailability of better alternatives.
These insecure websites contain a lot of potential security threats.
You should try to avoid visiting the insecure website. Even if you do, be mindful and do not enter any personal or financial information like name, date of birth, email, credit card information, etc.
Also, it would help if you moved away or close the insecure web pages as soon as your need is fulfilled.
Beware of Public Wi-Fi Networks
Public Wi-Fi networks are cheaper and faster. But often, they do come with inadequate security measures.
If you are using a public wi-fi and a hacker is sitting in the same network, the hacker can see your traffic, the sites you are visiting, and the login credentials you are entering.
However, that is not the case with all the public wi-fi networks. But it would help if you did not leave security measures behind.
In such situations, using a VPN is a wise choice. A VPN tunnels your traffic from your device to the VPN provider’s server, and then it goes to the internet. So, even if you are using public wi-fi, the hacker can’t read your data because the VPN service encrypts everything.
Also, be careful with the VPN service provider you choose. Because the service provider might be able to see which site you are visiting and when. One rule of thumb is to prefer the reputed service providers like Proton VPN, Express VPN, Nord VPN, etc.
Use Two-Factor Authentication
It is good to have one more layer of authentication in addition to your password. And having two steps of authentication is called two-factor authentication.
All popular services like Gmail, Dropbox, and Outlook have this feature enabled. When you have enabled two-factor authentication, after you enter a password, you will have to enter an OTP (One-Time Password) that is massaged to your mobile number. Some services use third-party apps like Google Authenticator to generate an OTP for you.
Google Authenticator and Authy are apps you have to install on your smartphone. Once you set up two-factor authentication with those on your desired sites, then every time you log in to that site, you have to enter the OTP given by that app (Ex: Authy).
Using two-factor authentication is only secure if you keep your smartphone safe from viruses, trojans, and malware, etc. Otherwise, there is no real value in using two-factor authentication.
Remember, your two-factor authentication is only as secure as your smartphone.
The above-explained tips are some of the necessary steps you should not ignore. However, depending on how you interact with various services and websites online, you may need to follow some more precautions.
If you are advertising online with Google ads you can implement certain tools that can help catch fraudsters and save you money on your investment from click fraud.
|Infographic by Website Promoter|
Finally, if you are dealing with highly sensitive information, prefer sites or online services with an EV SSL certificate.