Today’s internet is a dangerous place– no news there. It amazes me that people who are armed with a wealth of information about this dark place where criminals lurk still act as if it is a garden of Eden where all is good in the world. With this article, I am going to add one more to the huge pile that already exists and hope against hope that someone will actually pay heed to some very basic advice. Even if only a few readers of this post adhere to a few of the following suggestions, I will consider this a successful endeavor. Here we go…
1 – Use A Password Manager
I have over 200 accounts scattered around the Web. Every one of them has a unique password. Every password is longer than 12 characters and those characters are of every type imaginable. Without a password manager, I would be hard-pressed to remember even a handful of these passwords. That’s why I use LastPass and have done so for many years. You can use any password manager you like but it is imperative that you use something.
Every year there is a list published showing the most-used passwords. They are basically silly and certainly useless. Consider some of these lame common passwords that people use:
- password – really?
- monkey – I could look that up in the dictionary faster than you can type it (nearly)
- 654321 – ew, backward – that’ll fool ’em
- qweasdzxc – look at your keyboard. There are many variations on this theme and they are all equally weak
…and this idiotic list goes on and on… and what makes this even more inane is that people use the same password everywhere! It is no wonder their accounts are getting hacked all the time. If bad guys know a password that you have used all over the place, then they will have access to your accounts all over the place.
A good strong password looks something like this: 8q7GNf@n0bZln0ax@
Any item in the above list of weak passwords could be cracked within seconds on a powerful computer whereas a strong password might take many decades (or more) to uncover. That published list I mentioned? You can bet your bottom dollar that the bad guys start with that. Then they might use a dictionary attack where ‘monkey’ would be found nearly instantly. You get the idea…
Just because you don’t understand how the scumbags do it doesn’t mean they can’t do it. In fact, they’ve gotten very good at it. Read the news of 2019 and you’ll see what I’m talking about– millions upon millions of accounts were hacked last year and it’s not going to get better any time soon. Actually, the bad guys seem to be getting better at it faster than we are at protecting ourselves. We’re losing ground, folks.
By using a good password manager, you will have to remember one, and only one, master password to gain access to all of them. I also advise against using your browser’s password manager and form fill functions. They are insecure for the most part.
2 – Don’t Be Click-Happy
I know some people who click willy-nilly all over the screen as if they were possessed. One great rule of thumb that’s been around as long as I’ve been messing with computers is ‘READ THE SCREEN’. You need to slow down– there’s really no hurry. Take your time, read the screen, and pay especially close attention to those links you are about to click on. Just because a link says ‘Amazon’ does not mean it actually points to Amazon. It might take you to Timbuktu.
By hovering your cursor over a link, you will be able to see the actual destination of that link. Do the same in your favorite search engine, too. The true destination will show up somewhere on your screen. In Firefox, it pops up in the lower left-hand corner. Try the above Amazon link to see what I’m talking about.
Never underestimate the cleverness of the criminal mind.
3 – Use 2-Factor Authentication
This goes a step further than a mere password. Most critical sites like banks will offer 2-Factor Authentication (2FA) to make it much more difficult for the crooks to gain access to your accounts. It is a pretty simple concept, really. You use your password at their site but then you will have to prove you are who you say you are. This can be done over your phone, via a text message, or any number of methods from which you can choose.
The more barriers you can put in place, the safer you are. At least that’s the idea. There’s an old saying that is unfortunately true– ‘No matter how tall a wall you build, someone will find a way to scale it’. (Are you listening, Donald?)
4 – Remove Personal Data and Lie!
Many sites will still ask you, when setting up an account, for things like your first dog’s name, what your first car was, your mother’s maiden name, and so on. I won’t dig into it here because there are many articles on this subject. Basically, it is relatively easy for the bad guys to figure out these personal tidbits.
If you must enter this information to gain access to an account, then lie. Tell them your mother’s maiden name is Fido, that your first dog’s name was Mom, and that your first car was an Edsel. If you do this, however, be sure to jot this information down somewhere (LastPass offers a notebook of sorts where you can keep track of your prevarications).
The bottom line here is not to give out personal information when you don’t have to. Ignore what your parents told you and lie like a cheap watch.
5 – If You Didn’t Ask For It, Then Trash It
SPAM. We are all too familiar with what that is. Many if not most of the ways a person will get a computer virus is via SPAM email (unless, of course, you are click-happy– see #2). This email is never asked for by the recipient and should raise your hackles. You should never open them. You should immediately hit the Junk Mail button in your email client of choice.
They can get quite tricky in their nefarious ways. Recently, I’ve been getting a lot of them that say something like ‘if you do not want to continue receiving this notice, click here to unsubscribe’. Right…
For one thing, the minute you open one of these messages, it informs the bad guy on the other end that they have found a valid, up-to-date and monitored email address and they’ll keep knocking on your door in the hopes that you will eventually cave. There’s no telling what will happen if you actually click on that Unsubscribe link. Bad things, I’m sure, will begin to plague you.
6 – Check Account Settings
Windows has lots of privacy settings. You should absolutely run through those from time to time and make sure they are to your liking. But don’t stop there! Many sites you have accounts with probably have a number of settings that might allow you to have them stop selling your personal information. It is worth taking the time to check them out and eliminate as many holes as is possible.
Most sites aren’t going to blatantly offer links for these settings on their home page so you might have to do a little digging. They probably don’t want you to change these settings since it’s likely a good source of income for them. For your edification, Dave’s Computer Tips does not stoop to these low tactics. The only source of income here is ad-generated and also from a few very kind contributions through PayPal.
A blatant self-serving request: If you enjoy the free content you see here on DCT, then please whitelist us in your ad blocker. It really does make a big difference.
The internet used to be a fun, relaxing experience. It was like a nice visit to the local park in a safe, small town. Nowadays, it is more akin to a trip down a dark alley in a bad part of the city. The best possible defense in this type of environment is to make yourself invisible. Don’t leave a trail of bread crumbs for the scum of the earth to follow. Don’t poke at the sleeping guy to see if he’s alive– he’s faking it. And last but not least, keep your wits about you.
As always, if you have any helpful suggestions, comments or questions, please share them with us,