The new year is nearly upon us, and if you’re like me, you’re probably taking stock of your life and picking a few resolutions to improve yourself for 2019. Once you’ve got your top few written down, consider getting another area in shape: your digital security.
By that, I mean the security of your devices and online accounts. Headlines this year were heavy with news of various breaches and hacks, and next year will likely be no different. Protecting your devices and accounts can help by making it more difficult for you to be hacked and to keep your information from prying eyes.
Here’s what two security experts suggest for making your digital life more secure:
Update your passwords (and make them strong).
Your passwords are your first line of defense against someone trying to gain access to your accounts. Sri Sridharan, managing director of the Florida Center for Cybersecurity at the University of South Florida, recommends refreshing your passwords and making them as strong as possible — think upper case, lower case, symbols and numbers.
"I know it’s a pain in the rear end," Sridharan said, "but when you have to deal with your bad credit because someone opened an account in your name," it will be an even bigger pain.
Try a password manager.
Worried about keeping track of all of those passwords? Let software do it for you. A password manager is a program that stores your passwords and protects them with encryption. Many password managers generate complex passwords for you, and you can even store fake answers to security questions in them to really make it tough for a hacker to guess their way into your accounts. All you need to remember is the (hopefully very strong) master password to access the manager. Not sure how to choose one? Read a couple of guides here and here.
Use two-factor authentication.
Two-factor authentication is an extra layer of security that makes you verify that it’s really you who’s logging into your account. It usually comes in the form of a text sent to a phone number you already provided or a code generated by an app such as Google Authenticator or FreeOTP.
Jeremy Gillula, tech projects director at the Electronic Frontier Foundation, recommends adding this to every account you have that offers it (check your account’s security settings). But if you’re looking to get your feet wet without diving completely in, start with your email.
"Your email account is the gateway to everything else you do online," Gillula said.
That’s because it’s the main way that passwords are reset. If someone were to break into your email, they might have access to any accounts linked with it, such as your bank, social media or health care portals.
If you’re unsure if an account has this, check twofactorauth.org, Gillula said. It lists sites that enable two-factor authentication and a link to each site’s step-by-step for enabling it.
Back up your data regularly.
Ransomware, where a hacker encrypts your machine and requires you to pay to have it unlocked, is becoming increasingly prevalent. Sridharan recommends backing up your data regularly so if you fall victim to ransomware, you can wipe your machine and restore it from the most recent backup.
Consider an encrypted messaging app.
You might not be texting state secrets, but your messages do likely contain sensitive information that you may not want someone else getting a hold of. Consider switching to an end-to-end encrypted texting app such as Signal or WhatsApp. End-to-end encryption protects your messages from being read by anyone who is not the person you are texting, even your cell carrier and the company that made the app you’re texting on.
Otherwise, Gillula said, "You’re trusting whoever’s operating that system that they’re not going to accidentally get hacked" and reveal your texts.
Signal and WhatsApp are available for both iOS and Android.
Contact Malena Carollo at [email protected] or (727) 892-2249. Follow @malenacarollo.