If you’re going to be using the internet, you need to behave as though it’s a terrible place with sketchy folks around every digital corner looking to cash in on your information. And once you’ve logged off Facebook, there are also unsavoury characters who are out to make more direct bank from the data that applies to you and yours. Here’s how to keep your precious deets, bank accounts, and even your identity safer online.
We shouldn’t have to explain this one, ever, but you should always have a different password for each website that you use. It’s a bit like having a different lock on every door in your house — if only one key is needed to open all the doors, there’s no point in having them all locked. Especially if someone else happens to have a copy of the key.
And you’re going to need a secure password. There are several techniques out there for selecting a password, from a random string of numbers, upper- and lower-case letters and symbols to complete sentences (along with a smattering of different characters) which will work here but there are a few things you really should not do. If the password is personal (your kids or pets name, dates of birth or anniversaries, and so on), that data can be scraped from your Twitter or Facebook accounts. Or any other public account, as a matter of fact. If your password is ‘password’, ‘Password’, or ‘Password12345’, you should go and change them. Now.
Keeping secrets
Some people don’t like to choose complicated passwords because they’re hard to remember and hard to enter. It’s okay to write them down, though. You just need to be clever about where you keep the passwords, is all. In a little notebook in your pocket or on a slip of paper in your wallet? That’s okay, as long as you change your passwords the moment you discover either missing. On a Post-It note stuck to your monitor or (worse) laminated on your desk or the base of your notebook? Please don’t do that, it gives us facial tics. We don’t like facial tics.
There’s also no shame in using a password manager. Fire up 1Password or Lastpass and you’ll be able to choose some fiendishly complicated passwords which will then be autofilled when you need them. Best of all, your collection of passwords will be kept encrypted and safe and all you need to remember is a single password — the one for the password manager. Just… don’t forget that password. Write it on a slip and stick it in your wallet, perhaps?
Know your status
It’s a definite idea to check out https://haveibeenpwned.com/, to see which of the services associated with your email address (or addresses) have had breaches in recent months or years. If your details have been compromised then you’ll learn about it here. The extent of the breach and possible information stolen is generally listed. It’ll give you some idea whether you can save that old email account or whether you need to go full slash-and-burn on your collection of passwords. Maybe that old forum email isn’t essential any more, xXFluffyBunnyKiller69Xx. Change all the passwords that are identical and let the hackers have it.
Document lockdown
You know what the folks searching for your email address and passwords are after? Bank account info, identity documents and credit card numbers. Do not store that information on your computer if you can help it. And if you do need to store it locally, encrypt the folder at the very least. Even password-protecting the documents with WinRAR is better than nothing.
Keeping digital versions of your identity documents is another one that you need to be wary of. If they’ve been accessed and taken, someone can very easily pretend to be you online and it’s awfully difficult to prove that you were not involved in some way. On one hand, having a copy of your ID and password on Dropbox could be handy… oh, but if it’s breached. That’s a huge headache of your own making right there.
At the very least, try and keep ID and Passport scans out of your email inbox. Don’t send them to people that way, either — your internet security might be tight as a new jam-jar but you can’t control the folks on the other side of the email chain with the Post-It password and the unlocked PC. And if you’re going to have a file on your computer named ‘Banking Details’, at least make sure it’s actually a BAT file that tells the opener to get bent, at the very least.
In this day and age, you are your information. With enough of your personal details, anyone online can become you — enough you to spend your money and then spend money you don’t have (and then leave you saddled with the bill and three email accounts working part-time as part of a spambot network). Don’t be that person. Guard your personal information like a dragon on a pile of gold. Use fire if necessary.