Hack-Proof Your Life: 5 Key Steps to Boost Your Safety Online

At this moment, someone wants your information. Hackers covet your email account, your home address and your Social Security number. They want to commandeer your webcam and break into your bank account. They are just waiting for you to slip up and give them a chance. Everywhere you look, malevolent coders are finding backdoors and vulnerabilities. There are simple ways to protect yourself. But where do you start? Follow these five steps to boost your safety online instantly.

1. Passwords

Relying on a weak password is asking to be hacked. Your passwords are either your first line of defense against hackers, or they’re an open window that lets them slip through. In cybersecurity, there is no middle ground.

How dangerous is it? A lowercase, six-character password takes a hacker around 10 minutes to figure out. Add four more characters, and you extend the time of that heist by 45,000 years.

Create a long, complex password that isn’t hard to remember. One trick is making your password a sentence – focus on positive sentences that are easy for you to remember and unique to you, such as “My son was born on Aug. 12.” On many sites, you can even use spaces!

Additionally, if one of the apps or websites you use is involved in a data breach, you’ll want to update your password for that account immediately. And don’t reuse passwords across different accounts!

2. Set Up Two-Factor Authentication

You’ve probably seen this before, even if you didn’t know what it was called. Two-factor authentication – a type of strong authentication– for is a fancy name for adding another step to the login process. A login page may ask for your first car or your favorite food. The website might even send a text message with a special code to make sure you are who you claim to be or ask you to verify your identity with touch ID or a physical security key.

Two-factor authentication adds an important layer of protection to your account. For hackers, the coup de grace is setting up instant alerts when your account is accessed from an unfamiliar device or location. Usually, this is because you’re logging in to your email account from an internet café in London, or you’re checking your bank balance on a trusted friend’s phone. Other times, it’s a hacker who is trying to figure out your credentials. You will receive a notification by email or text message saying that there was a login from an unrecognized machine or someone asked to reset your password. The login will not be authorized or the password reset without having the special code included in the email or text.

If you do nothing else on this list, click here for the steps to turn on two-factor authentication on Google, Facebook and other sites you use.

3. Delete Accounts You’ve Abandoned

You’ve probably encountered this before. Some spammy message shows up in your inbox, allegedly sent from your beloved Aunt Joan. Why does Aunt Joan want you to click on this strange-looking link? Why is she suddenly interested in giving you a limited-time discount on a Rolex watch? These messages are sure signs of a hacked account.

The rule of thumb is this: An old account contains more personal data than you realize, no matter how short-lived it is and no matter how long it’s been abandoned.

Have too many online accounts to remember them all? Click here for a site that provides you with the steps you need to close down the accounts you’re no longer using.

Research new apps and/or websites before using them to make sure others have had positive experiences from a security and privacy perspectives. Sometimes, you may even want to delete accounts simply because you’ve lost trust in the company that’s storing your private information. The Federal Trade Commission’s identitytheft.gov shares steps to take if your information has been lost in a breach.

4. Check If Your Information Has Been Stolen

Now you’re on a mission to boost your security. But what about data that’s already been stolen? How do you find out whether an account has already been broken into?

At least one trusted site is dedicated to precisely that: HaveIBeenPwned sifts through your accounts in search of security breaches. Just run your email address and username through the search field, and it will tell you if your login information has been linked to any past breaches.

5. Encrypt All of Your Messages

“Encryption” used to be a word reserved for international superspies, but not anymore. What you’re looking for is “end-to-end encryption.” This method scrambles your messages so that they can’t be read if someone other than the intended recipient gets it. There are a variety of services you can use that provide end-to-end encryption; here’s the free one I recommend.