So much of our lives involves the Internet. Whether we are using our computers at work or at home. Or using our phones. It's hard to imagine how we would function without the Internet at our fingertips. Whether we're catching up with the latest social media trends, catching up on email, checking our calendars, or any of the other numerous tasks that we may use our devices for, protecting our digital privacy and security may be one of the most important things we can do. In this post I want to go over some of the things (some of them absolutely essential) that we all can do to protect ourselves online.
Use A Password Manager
This may be the most important digital privacy tip in this post. Our passwords are literally the keys to our online accounts. It goes without saying that keeping those keys save, and using strong keys (passwords) is a highly important strategy that every Internet citizen should be employing. After all, the most secure password is the password that even you yourself don't know. Personally, my recommendation for a password manager is LastPass. I've been using them since 2011 or maybe 2012 and have never had a problem. The apps are easy to use, available on android, ios, and multiple browser extensions, free (for those that cannot afford to pay -- although if you can afford to I highly recommend it), and easy to use.
In addition to using a password manager, make sure your passwords are actually strong. Don't be using some insecure password such as
password. The great thing about using a password manager is that most (possibly all?) password managers allow you to generate passwords. Personally, my passwords contain upper and lowercase alphanumerical characters, symbols, numbers, and are 30 characters in length.
Enable Two-Factor Authentication
If your password is something you know . Two-Factor Authentication is something you have. When you enable Two-Factor Authentication, you will have to provide a code generated from a Two-Factor Authentication app on your phone to log into your account. As I am a LastPass user, I personally use LastPass Authenticator. However, Authy and Duo Mobile are both good 2FA apps. When possible, you should avoid using SMS (Text Messaging) for receiving Two-Factor codes.
If you make a habit of connecting to open WiFi when you're out in public, you should be using a VPN (Virtual Private Network) to help protect yourself. When you connect to an unsecured wifi network without a VPN, the data going to/from your device can be intercepted and read by a malicious party if said malicious party is also connected to the network. What a VPN does is it encrypts the data so that it is unreadable in transit. It is ill-advised to use a free VPN as they're usually not very good and are often very shady. However there is one free VPN that I am willing to recommend: ProtonVPN
Protect your phone
Protecting access to your physical phone is just as important as protecting your online user accounts. You should make sure to setup a PIN/password and fingerprint unlock.
Warning: If you are going to be travelling and dealing with US Border & Customs it would be advisable to disable fingerprint unlock. PIN and Passwords are considered protected by the Fifth Amendment. If your phone is unlockable by fingerprint, you can potentially be forced to use your fingerprint to unlock your phone.
It would also be advisable to disable Face Unlock. It is less secure than PIN/fingerprint unlock, and just like with fingerprint, law enforcement could force you to unlock your phone with it, without violating the Fifth Amendment (at the time of posting this).
Encrypt your devices
For extra security, it would be advisable to encrypt any devices that leave your home. Tablets, phones, laptops, external hard drives, usb sticks, etc...
Most modern Apple devices are encrypted by default. For android, all Pixel phones, the Nexus 6P, Nexus 5x, Nexus 6, and Nexus 9 have encryption enabled by default. For other android smartphones, I would recommend following the steps in this post if you wish to enable encryption.
Encrypting a PC, laptop, external hard drive, or usb stick is slightly more advanced. You will need to download a free and open source application called VeraCrypt. It's fairly straightforward to use. I'm not going to go through how to use it because the Internet is already full of information on that.
Encrypted Messaging and Email
Another way to protect your digital privacy is to use an end-to-end encrypted messaging app like Signal for your messaging needs. Keybase is also a really good encrypted messenger that also contains encrypted file sharing and git repositories. Encrypted email, like ProtonMail, like similar to encrypted messaging offered by Signal. By being end-to-end encrypted, only you and the recipient that you are communicating with will be able to read your conversation.
As I stated at the beginning, we use our devices and the Internet for so many different things in our everyday lives. Taking care and protecting your digital life should be as important as taking care and protecting your physical (offline) life. Stay safe, fellow Internet citizen.