Quick Guide On How To Stay Safe Online
Last year, companies suffered data breaches with alarming frequency. There was at least one breach every week, and millions of consumers' highly sensitive information, including social security numbers and medical data, have been stolen. Some of the most prominent companies affected include:
Credit card company Capital One
First American Financial Corporation, a real estate title insurance company
Managed Health Services of Indiana
Social media giant Facebook
Microsoft Email Services.
The responsibility for securing the information you entrust with companies you work with rests on the companies themselves. Nevertheless, there are ways for you to guard your data if a security breach happens. Furthermore, these security tips will keep you safe from inadvertently providing personal details to small-scale hackers in your day-to-day life.
In the following sections, we will cover six tips for keeping your personal information safe in 2020 (and beyond):
1. Use Unique, Complex Passwords and Use a Password Manager to Keep Track of Them
Complex passwords make it difficult for hackers to use simple scripts to try combinations of your username and password until they succeed. However, it is difficult to remember a complex password for a single site, let alone every single website you use daily. This is where the use of a password manager comes in.
Password managers are tools available on both laptop/desktop computers and mobile devices that store all of your username/password combinations. With a password manager, the only thing you need to memorize is a challenging master password. This master password, when entered, grants you access to your vault of credentials. Whenever you navigate to a site that requires authentication, the password manager populates the login form with the correct set of credentials. This means that you don't need to memorize all of the combinations you've used for different sites.
One benefit of using a password manager is that you are less likely to use the same set of credentials across multiple sites. You don't have to remember anything and to help you meet the requirements set up by different websites. Many password managers come with the ability to auto-generate passwords that meet the specifications you provide. This reduces the possibility that you'll be affected when hackers engage in credentials stuffing. Credentials stuffing is where malicious parties take credentials obtained from one breach and use them elsewhere to gain access.
With the number of data breaches seen, credential stuffing should be a major concern for consumers.
2. Do Not Let Your Browsers Save Your Credentials
While convenient, you should not let your browsers save your credentials (primarily if they're used for things like banking). It is easy to view passwords that web browsers have saved and malicious parties — who can gain access to your computer remotely — can steal your credentials with little work.
3. Consider Using Multiple Email Addresses
One of the most commonly-used ways to identify people is via email address. If you are using a single email address for everything, consider creating additional email accounts for use with predetermined purposes.
For example, you might have one email for use with social media, another for personal communication, and a third for use with banks, credit card companies, and so on. If you run businesses online, consider using one for your web hosting account, one for your e-commerce platform, and one for client communications — you do not want to join the list of those who have accidentally given away credentials with which you have been entrusted!
By using multiple email addresses, you further protect against credential stuffing (which we mentioned previously in our section on using complex passwords). If a company suffers a data breach, there's a higher chance that the crook gets the wrong email address and the incorrect password.
4. Review Your Credentials Annually
Every year, we recommend auditing the sites that you're using. It can be challenging to remember all of the sites that you've interacted with (and given the personalization websites offer, it's not unrealistic to assume that all sites possess some information about you).
If you are using a password manager, this task is much more comfortable. For example, password managers LastPass and 1Password can export all of the credentials you have saved for easy viewing. They will also flag any sets of credentials where you have reused passwords. Your yearly audit would be an excellent time to review and correct any issues.
5. Avoid Providing Your Social Security Number
Many companies will ask you for your social security number since it is an easy way to link users with multiple accounts. Companies cannot compel you to provide this information (though there are certainly exceptions, as with the healthcare and financial industries), and by withholding this information, you will eliminate a source from which hackers can gain useful information about you.
6. Enable Multi-Factor Authentication
One of the easiest and most secure ways to protect your information is to enable multi-factor authentication (MFA). With MFA, you need to provide two (and sometimes more) pieces of information to log in — for example, you might have to provide your username and password as the first step, followed by a one-time use code that you receive via email or text message. Because it is unlikely that a hacker has both pieces of information, your account is less likely to be breached.
Multiple data breaches on major companies are announced almost every week, and while the companies' affected are responsible for such incidents, there are steps you can take to minimize the risk to you. In this article, we covered six different ways you can help keep your personal information safe in today's interconnected world.
Suspicious Activity Online: How To Report
Let your family and friends know about this article by sharing it on social media using the buttons provided. You can also officially report scammers and other suspicious activity online to the Federal Trade Commission using the link below:
How To Protect Yourself More
If you want to be the first to find out the most notorious scams every week, feel free to subscribe to the Scam Detector newsletter here. You'll receive periodical emails and we promise not to spam. Last but not least, use the Comments section below to expose other scammers.
Verify a website below
Are you just about to make a purchase online? See if the website is legit with our validator:
2 thoughts on “6 Data Protection Tips: How to Keep Your Personal Information Safe”
"…for example, you might have to provide your username and password as the first step, followed by a one-time use code that you receive via email or text message."
Unfortunately, text messages have been reckoned to be an insecure and vulnerable method of communication. Most search engines should be able to discover several articles which address this topic; however, Linux Liaison published one which explains the problem.
Multi-Factor Authentication: SMS, Probably Insecure – Linux Liaison
"Facebook Messenger Scam–DHHS–Won a Grant" happened to me yestrday. I gave them private information until they asked me to go to Walmart & buy a Card to send to them. When I couldn’t get an answer from my Facebook friend, who had supposedly seen my name on the Winners list, I smelled SCAM & told them the RCMP knew of this & I was finished with scammers. They sent one more text message. I’m worried because they have my phone number and full name and address and email address. What can I do?