We all become pretty good at keeping ourselves safe. We lock our doors, we install burglar bars, and we remain vigilant. Perhaps it is time to turn that same vigilance to digital security – and here are a few sensible steps to do so.
Use a pass phrase, not a password: Passwords are the first line of defense, but they can be ridiculously easy for programs to guess. A six character password takes a maximum of two minutes to crack, and usually it’s a lot quicker than that. This is because algorithms are getting fancier as processing power increases. However, there is an easy fix: make your password longer. Every extra letter makes an exponential difference, so go big. The industry standard these days is pass phrases rather than passwords: strings of words, characters and numbers that will keep password-guessing programs occupied for a very long time.
Never use the same password, and keep them fresh: You need a different password for every account. It’s simple, really: if someone gets hold of one of your passwords, you don’t want them to then have access to everything. Remember too that many smaller sites, such as forums, do not store your passwords securely.
This is common sense, of course, but easier said than done. How do you possibly keep track of so many different passwords – especially when you’re meant to change every password regularly? The answer here is to get yourself a password keeper, such as KeePassX, a secure place to store all your passwords, meaning that you just have to remember the one password to access the password keeper.
Secure your browsing: Most major websites use the secure “https” protocol to protect their customers (look for the ‘https’ in the domain name, often accompanied by a little green bar or padlock). This means that it is difficult for anyone else to see what you are looking at or what information you are submitting to those websites. In other words, if you send an email from one Gmail account to another, it is relatively easy to know that you have sent an email, but not the contents of that email.
Do not always trust the Cloud: Anything stored on the cloud is only as secure as the company that is storing it, and not all companies offer the same level of digital security. That is why it is vital to think carefully about what exactly you choose to store on the cloud; sensitive documents should be encrypted first. It is also important to use companies with better track records when it comes to digital security: Dropbox and SpiderOak have good reputations on this front.
Do not forget your smartphone: These days, you are as likely, if not more likely, to access the internet through your smartphone. All the same rules apply here, with an added caution: phones can easily be used to track your physical location, even with SIM cards removed. If you do not want your movements to be tracked, leave the phone at home.
Most mobile messaging apps such as WhatsApp have their own unique vulnerabilities: These are all highly insecure, and most pull your entire contacts list into your database – potentially putting other people at risk. For a secure messaging app, use SureSpot or Text Secure/Signal (Android/iOS)