To protect our data and our privacy is not difficult if you follow these simple steps: our guide to safeguard the security of the Internet.
Over the past few years have increased dramatically in cases of cyber attacks on the servers of giants of the industry. Poor safety measures were put at risk the business accounts of thousands of users of the network and especially their private lives.
Often these attacks are then becoming the basis to allow shady characters to steal directly from credit cards, possession of personal data by unscrupulous companies to resell or make real espionage against users.
Do not let one of these attacks may endanger our sensitive documents, our photos. Our own privacy on the web is not a trivial matter. Fortunately, most of the risk on the web can be minimized without harm, particularly to our own devices, and indeed sometimes fail even to facilitate our habits.
Let’s see in this guide some measure of security to protect themselves on the web.
The First Rule : Use many passwords and all long and safe.
We all know how difficult it is to remember random strings of letters and numbers, uppercase or even more by adding punctuation to make them even more random. This approach to have more secure passwords and immune to attacks based on the most common ones.
If a web service allows it though, even using the most random words and disassociate from them, especially if they are not part of the username or email, it is also a very safe way to protect your account. A very long and complex password is always the most recommended. It is also obvious, but just to make it clear that if one of your passwords is compromised, and you’ve used all your services. It will be useless that this is for sure: it is now exposed and associated hopelessly to you.
To solve this problem always used different passwords. If you do not remember (but even if you remember them) the best solution is to use a service like LastPass, the modern version of a keychain. With a single password, of course bombproof and you know that you and only you, you can keep an address book of generated passwords as you like with all the parameters of the case or done manually – saves you having to invent a force from time to time a new password. It can also keep personal information expediting the completion of the forms.
The biggest selling point is of course that with a single click, you can login using the plugin and the app’s service, the weak point is that if you are not able to store each password you need more, you are often unable to access services without using LastPass, which is still available on the cloud. Always make a backup of your data LastPass or alternative services such as 1Password, because you never know – you might lose access to several accounts if these data be lost.
Give a copy of your encrypted keychain very trusted friends or relatives, so that even the eventual destruction of all copies in your possession will not shut off. Having a host of passwords is a great first step, something that almost all Internet users do not have. We invite you to deepen on LastPass.
The Second Rule: Do not turn your email into an open door for criminals.
Those of you who regularly use more than one or two mailboxes in addition to those of work and university? Our personal email is generally the one we use to tie our account in a simple way to reset the password. This means that often, with a simple Google search, anyone can find one of the two keys figures to reach our critical data.
Now imagine that an attacker knows your email and has a way to find the data you need to reset the password to it; secret questions are not liable if the answer is easy – such as your mother’s maiden name, obtainable by asking all interested or looking a bit on Facebook.
Once the email you can simply ask for your password reset related to the account of his interest to do whatever they want with your data. In the case of email related to iCloud could even use them to commit acts more violent, until Resetting your block and all of your devices and associated accounts (even if it has lately been avoided using three security questions).
Use more than one mail is the first step to get you safely from this type of attack. If the email is not known it will be difficult that can be traced back to his password and access. A trim might be interesting to use an e-mail to subscribe to services such as Facebook and Twitter, making sure not to make it public, and use it as a collection point for notifications from secure sites, a second email, more secure and secret and absolutely not be used except as a secondary email to reset the other mails and a third personal email recognizable (eg mariorossi@dominio.com) to use privately, but maybe not for mails critical job, and finally, an email to the trash, from use of services of which still do not trust you, or if you want to login simple with simple passwords and do not mind the security of the account.
Seen and considered how easy it is to set more than one mail on a device and how many services there are free on the net now (Google, Microsoft, Yahoo, as well as Apple, Nokia …) there is no reason to have a single email. Some services like iCloud and Outlook.com also allow us to set multiple aliases, so that our work email and personnel are distinct and recognizable, and they are also at risk for hacking (seeing as we will access with another username). What matters is that it can be traced back to an e-mail to another: for example, GMail hides the secondary email, so that you can understand what address will be prompted to reset.
The Third Rule: Protect your device and do not trust, if possible.
The easiest way to steal a password these days is to simply install a system that records what you write to your PC and send it remotely at home. Activating an email to work or study on your device, you will have already requested this certainly to protect your device with a basic authentication (which it is a PIN or password). Do not think that it is important, indeed, it is extremely.
Access to a computer also means having access to your data inside, and even steal the encrypted data could in the long run can be traced to what is agreed or even just get the list of your email. Remember that often know the system password, you can access all of the passwords stored on your PC, also including emails, websites, payment information, and so on – on the Mac OS X Keychain is protected by the password of your user, for example.
If we reach services such as LastPass, enter the password from an unprotected PC means risking giving non-discriminatory access to your entire digital archive of information. Protect your PC or Mac with a firewall. First of all, periodically check that everything is in order, and of course, your antivirus definitions up to date. Do not follow links in emails: no bank will ask you to enter e-mail to confirm something.
Hide malicious links and addresses turn them into seemingly safe is extremely easy. If you are in doubt that an email that asks you to log on is authentic, limit yourself to log on to the website of the sender via your browser and ignoring the link contained.
Never insert your access data without checking to find the right site in the address bar (www.facebook.altro.com is not a site of Facebook. It would be if it ended with facebook.com). Ask and pretend safety: if your bank asks you to use numeric passwords less than 8 characters, or even less than 12, check whether another bank could better fulfill his services.
Do not provide your payment information such as credit card directly to third parties, but rely on PayPal or used rechargeable cards that you know you cannot empty your bank account. Sony even a few years ago we sawed to rob database containing credit cards, mail and password.
More recently Adobe has been conquered in the same way, and in both cases, despite the good faith of the company, it was a serious internal safety limit. If they too are at risk, then it is questionable sites little known, even outside of circuits such as eBay, PayPal or Amazon.
The Fourth Rule: Take advantage of the two-step verification.
This method adds extra security protection to your account. In addition to requiring a username and password, the service will send you a PIN on a phone number within an app or email. This will be required as evidence that you’re probably only logging.
Google and Steam are two good examples of this system applied at the level of common user, and some manufacturers, such as Microsoft explicitly require it. The weak point of this protection, no matter how effective, is that it is possible to obtain this PIN if you have access to the email recipient or using malicious pop-up posing as such for a window of Steam.
It’s not exactly an example of a two-step verification, but enable notifications when you pay with a credit card is useful for keeping an eye out for malicious charges. Check with your bank if you have this type of protection for customers, many banks already do for free.
Last Warning: do not think you ” have nothing to hide. ”
Although we are people with a clear conscience and who do not practice criminal activities, or simply do not preserve digital data so essential to think I need protecting, think about it twice. Exploit our personal information to create false identities, and bestow upon us any crimes evolved is now a well-established practice.
Then, using our data access to spy on us, defame us or make our lives a living hell it is very easy. Our devices are connected remotely, often in servers that handle all that they contain, in some cases. You may even be shut out from them, putting in jeopardy (just think to find yourself in an unfamiliar place without access to GPS and maps online).
If you pay attention will have nothing to fear, and in some cases you’ll even life easier. Multiple mailboxes that will prevent spam end up in the middle of the work emails or private, separate from well-defined streams your digital life and in the long term will maintain order in your habits. Services such as LastPass or 1Password will simplify the management of access to the sites you frequent most.
Stay safe so it’s easier than you think, but the important thing is to start.