5 Ways to Stay Safe Online

Have you ever felt insecure after reading about a major data breach somewhere? Have you felt lost when you think of the next steps you should take after your account credentials were leaked? These were the same feelings I felt when I got to know about a data breach. No matter how helpless you feel, there's a light in this darkness, as there are steps you can take to prevent this from having any more significant effect on you.

In the modern-day world in which we live, all of us have an online presence no matter who we are. To create an online account, we often divulge information about ourselves, and this, in turn, means we need to stay safe online to ensure that none of our Personally Identifiable Information (PII) gets into the hands of anyone with malicious intentions. Yet, according to Verizon, there were 3,950 confirmed data breaches in 2020, which is not surprising given that the most common password during 2020 was 123456. This calls for a safe online space for everyone, which can only be achieved by awareness, yet there's no clear guidance for people on where or how to start.

I wish to clear up that ambiguity, but before we delve any deeper, let's take an analogy. Dental hygiene is the practice of taking regular care of our teeth to prevent any oral issues. We have been taught since a young age the importance of this and the steps we should take for dental hygiene, yet there are hygiene practices of which most of us are not aware. Cyber hygiene is one practice not many people are taught, let alone aware of.

I would like to ask you a simple question: how much time do you take to secure your online accounts? If your answer was 0, then this is the right place to be. The main aim of this blog is to introduce you to the basic steps you can take to ensure your safety online. You may feel that you are not a technical person or that IT is not your cup of tea. Let me assure you this blog is intended for everyone, and you don't need to be a computer ninja to go forward.

Whenever we hear the word cybersecurity, we think of a hacker in the shadows trying to hack a computer (though this may not be the most accurate portrayal of a hacker). Cybersecurity can also mean a user taking steps to be safe online. This blog aims to create awareness of how to be safe online, with an implementable suggestion for each step. It is intended for anyone who uses the internet, and you don't have to be a cyber ninja to implement any of these suggestions. The suggestions are free to use, serve their purpose, support most if not all major platforms, and some are open source too!

1. Create a strong and unique password for all your accounts

I cannot stress this point enough, because many people still use their date of birth as their password for major online accounts. The idea of creating a strong and unique password for every account can be daunting for anyone, but this hurdle is easily overcome by using a password manager.

A password manager is an app that creates and stores all your passwords securely. When you choose a password manager, you need to check the basics: are the passwords randomly generated, are the passwords stored securely, and does it support the devices you use? Though there are more features one can desire, these are the basics to be expected from a password manager.

You may ask what's wrong with keeping a notebook filled with passwords. It's just that humans are not great at generating a unique sequence of letters and numbers to be used in passwords. Then comes the hassle of making sure you don't lose the notebook. All in all, it's just very inefficient to do so. What about the default password manager in Chrome, you ask? It's better to use that than not to have one, but what would you do if you had to fill in a password inside an app? Hence we choose a password manager to overcome the shortcomings of the above methods.

SUGGESTION: Though there is a huge list to choose from, I would suggest Bitwarden to anyone, as it checks all the basic aspects of a password manager (it's on par with paid password managers, if not better) and on top of that is free. Bitwarden is also supported on all major platforms and browsers, and it is open source, which means the code is available online for anyone to inspect. Though there are more features to it, one feature which you won't see on the free tier of any other password manager is the option to check whether a password has been leaked online before. Though this can be done online for free, it's more about the comfort of having everything under one app.
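A leak check does not have to send your password anywhere. The sketch below is an added example (not Bitwarden's code, and not from the original post) of the k-anonymity range query used by the public Pwned Passwords service: only the first five characters of the password's SHA-1 hash leave the device. The server function, corpus and counts are constructed stand-ins so the example runs offline.

```python
import hashlib

def split_hash(password: str) -> tuple:
    """Hash locally; return (5-char prefix, 35-char suffix) of the SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

# Constructed stand-in for the remote service: a tiny "breach corpus"
# with made-up occurrence counts.
CONSTRUCTED_CORPUS = {"123456": 1000, "password": 500, "qwerty": 300}

def fake_range_server(prefix: str) -> str:
    """Server side: return every known suffix under this prefix as SUFFIX:COUNT lines.
    The server never learns which suffix (if any) the client cares about."""
    lines = []
    for leaked, count in CONSTRUCTED_CORPUS.items():
        leaked_prefix, leaked_suffix = split_hash(leaked)
        if leaked_prefix == prefix:
            lines.append(f"{leaked_suffix}:{count}")
    return "\n".join(lines)

def breach_count(password: str, range_body: str) -> int:
    """Client side: search the returned lines for our own suffix."""
    _, suffix = split_hash(password)
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0

def check_password(password: str) -> int:
    prefix, _ = split_hash(password)          # the only value sent out
    return breach_count(password, fake_range_server(prefix))

if __name__ == "__main__":
    for pw in ("123456", "a long unique passphrase from a manager 7!"):
        prefix, _ = split_hash(pw)
        print(f"sent prefix {prefix} -> seen {check_password(pw)} times")
```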

2. Enable Two-Factor Authentication for all your accounts

Two-Factor Authentication (aka 2FA), as the name suggests, is another form of authentication. Usually, there is only one form of authentication, which is the password. When 2FA is enabled, it provides more security to your accounts, as it asks the user to provide a randomly generated code that is only sent to you in order to authenticate that you're the account owner. This makes your account more secure in case your account's password is leaked.

By implementing 2FA, even if a data breach occurs (FYI: it takes on average 228 days to identify that a data breach has occurred), the hacker wouldn't be able to log in to your account even though they have the password, as they will be required to enter the 2FA code, which they won't have access to.

Though there are multiple ways to enable 2FA, the one mode of 2FA which I would not recommend is SMS, as it is vulnerable to being hijacked. The more secure (and also easier) mode is to use a 2FA app instead. A 2FA app automatically creates a randomly generated 2FA code which is accessible within the app. The steps to enable 2FA are relatively easy and are explained in-app.

SUGGESTION: There are quite a few 2FA apps to choose from. The 2FA app which serves the purpose and is easy to use would be Authy. Not only does it check the basics, but it also provides a secure backup for your 2FA codes that prevents you from being locked out of your account if you were to lose your device.

3. Hide your Email Address

In this day and age, where data breaches are becoming more common, it's better to hide your email, as the last thing you want is a phishing email in your inbox waiting to deceive you. How is it possible to hide your email when most online accounts require you to sign in using one, you ask? The answer lies in using an email forwarding service.

An email forwarding service generates an email address (an alias) that forwards whatever email it receives to the email address of your choice. If your email alias is leaked online, it can be deleted and a new one generated, so no one can send you any dubious email through it in the future. Not only this, but you can also keep spam out of your inbox by simply deleting the email alias to which it was delivered. This also helps you learn which services actually spam your inbox.

Though you can use an email forwarding service to hide your email, there are scenarios where you may not be sure whether to divulge even your email alias. In such scenarios, you can use a temporary disposable email, which can be discarded after use. Though there are many such services to choose from, the easiest and fastest to use, from my experience, has been Temp Mail.

SUGGESTION: There are many email forwarding services, ranging from free to paid subscriptions and from easy to use to somewhat technical to start with. The average user would be more than happy to use SimpleLogin. Though it limits the free user to 15 aliases, it makes up for this by being fast and open source, so whatever they claim is there for anyone to check.

4. Use a proper VPN whenever required

More often than not, we connect to free public Wi-Fi, be it at a cafe or at the airport. Irrespective of where you connect from, the potential risk is enormous. A Virtual Private Network (aka VPN) is a private network your computer can connect to. In the usual scenario where you visit a website, the data from your router is sent directly to the website's server. In such situations, your Internet Service Provider (aka ISP) would be able to see what websites you visit, and the websites you visit would be able to know where you are from and track your movement online.

When connected to a VPN, you join a private network in a different location, which hides your actual location. It also encrypts your data after it leaves your router but before it reaches the website's server, which prevents your ISP from collecting information on you.

The reason I mentioned a proper VPN is that you should choose a VPN that can be trusted and not one that sells your information. There is also a misconception that using a VPN is equivalent to one-stop, all-you-need protection on the internet, which is not the case. It can prevent collected data from being traced back to you, but that doesn't mean there won't be a trace of your steps online.

The reason why you shouldn't connect to public Wi-Fi is that it is easier for a person with malicious intent to see what you are doing on that network. The hacker can achieve this with an evil twin attack (which sounds more like something Dr. Doofenshmirtz would do): the hacker creates a Wi-Fi network that looks legitimate but exists for malicious purposes, as the hacker is able to see what anyone does while connected to it.

Whenever you use a free product, it is often said that you are the product. I say this because whenever you use a VPN, just as when you connect directly through an ISP, the provider can collect information about you and sell it to others. This is the reason why you should be careful in your selection of a VPN.

SUGGESTION: Proton VPN would, for the most part, be the one-stop solution for the majority of users, as it provides a solid VPN in the free tier with unlimited bandwidth, and it is secure to use.

5. Use a DNS to remove Ads

Whenever we browse the internet, we're flooded with ads (which not only track us but also annoy us) for anything we do. Blocking ads not only prevents them from tracking you but also helps the webpage load faster. If you use Chrome, you will be aware of extensions like ad blockers that remove ads from websites, but what if you use a browser that doesn't support extensions, or you are browsing on a mobile device?

This is where DNS comes into play. DNS, or Domain Name System, is like a phone book, as it converts a domain name (a name listed in the phone book) to the IP address (the phone number of the intended person). There are various custom DNS services out there, and each has its differences, though they serve the same purpose. Using a DNS to remove ads has some benefits. It removes ads in all the browsers on your device, so you don't have to worry about compatibility again. You don't have to worry about storage space, as there is nothing to download. And you no longer have to worry about whether your browser supports ad-blocking extensions.

SUGGESTION: AdGuard DNS would be the easiest to recommend, as it has a proper setup guide for all major platforms and it effectively removes ads from the websites you visit.

Conclusion

If you implement at least steps 1 to 3, you can be at peace whenever a cyber attack occurs, as you have effectively secured your accounts. Keeping a secure, unique password for each website helps eliminate the most common risk from a cyber attack (or a data breach). Most hackers know for a fact that people reuse passwords, and they will often try various combinations of a leaked password on other sites to check if they can get past the login page.

Until the moment you get to know of a cyber attack, a hacker would, in theory, have easy access to your account. This can be prevented easily when 2FA is enabled, as the hacker would need the device the 2FA app is on in order to get past 2FA, giving your account another layer of security.

Finally, another aspect of a cyber attack that can be offset comes from forwarding your email: the hacker won't be able to know your actual email address. This can prevent you from falling for emails which trick you into revealing personal information, as you will be able to deactivate the divulged email alias while keeping your actual email hidden.

Now that we have come to the end of the list, you may feel this will take some time to implement. That is true, as cyber hygiene takes time, but these efforts do pay off in the long run. This blog should help clear the fog you may have as to where to start in order to keep yourself safe. By implementing steps 1 to 5, you are sure to inculcate better cyber hygiene, which will give you peace of mind knowing your accounts are secure.


DISCLAIMER: Do note these suggestions are my own and I'm not sponsored in any way. The respective products are trademarks of their respective companies.


I hope this blog was informative and useful to you. Feel free to give your thoughts regarding the blog in the comments below. Stay tuned for further blog posts by connecting with me on Twitter. Do share this blog if you found this useful.