Expand your protection
Fill in the gaps in your security and privacy with this essential collection of tips, techniques and tools.
You’ve got the essentials sorted – anti-malware software in place, plus any tools you’ve downloaded from the previous spread on cleaning malware infections (even if your PC is currently behaving itself, now is a good time to collect them together somewhere safe, like on a USB flash drive). Now you’ve locked down your PC, what other steps can you take to secure other parts of your online life?
SECURE ONLINE ACCOUNTS
Browse to www.haveibeenpwned.com where you’re almost certain to discover your trusted passwords of old have been involved in at least one security breach – even if you weren’t personally affected, common passwords like ‘fred1234’ are bound to have been used by others and subsequently exposed too. We recommend installing a strong password manager like BitWarden (www.bitwarden.com) to store and generate new lengthy, randomly generated passwords comprising letters, numbers and special characters. All you need to remember going forward is one master password – make sure that password is both memorable and long, not easily guessed and a mix of letters and numbers.
Add an extra layer of protection to your BitWarden password vault –
and other key online accounts – by adding two-factor authentication (2FA) to your login. This prevents anyone from getting into your account without physical access to your phone – even if your password is compromised. 2FA codes can be delivered by email, mobile text or to an authenticator app – email isn’t secure (see below), while text messages require you to have a mobile signal when sent. The best option is the authenticator app – we currently
recommend Authy (https://authy. com/), which can be installed on more than one device (including your PC) and codes accessed even when offline.
SECURE INTERNET ACCESS
Virtual Private Networks (VPNs) serve two major purposes: one, they encrypt your internet traffic on insecure networks such as public Wi-Fi hotspots, but they also mask that traffic from your Internet service provider too. By
“Two-factor authorisation stops anyone getting into your account without access to your phone. ”
connecting to a VPN server in a different country you’re also able to trick internet services as to your actual location, enabling you to bypass many geographic restrictions – for example, enabling you to access catch-up TV while abroad on holiday.
While VPNs encrypt your data in transit, they don’t hide it from the services you’re connecting to, so you’ll need to continue to take steps to protect your web browser. Make use of private or incognito windows when browsing – which allegedly don’t store any tracking information after they’ve been closed. We say allegedly – it’s still possible for your traffic to be monitored by your internet service provider.
One way to tighten this security is by enabling so-called DNS over HTTPS if your browser allows you to do – for example, Firefox users should open Options > General tab, then scroll all the way down and click Settings under ‘Network Settings’ before ticking ‘Enable DNS over HTTPS’ (with the default Cloudflare provider) before clicking OK. This prevents man-in-themiddle attacks and eavesdropping on the websites you visit.
Also look to install add-ons to help block trackers and malicious advertising. The step-by-step below reveals how to use Disconnect to monitor and block invisible trackers – after installing it, install AdBlock Plus (https://adblockplus.org/) for a sensible approach to blocking intrusive and potentially dangerous adverts without removing all adverts.
Email is notoriously insecure – unencrypted and easy to intercept. Traditional encryption techniques involving PGP only work with contacts who apply it to their own email. One workaround is to sign up for a free
ProtonMail account (www.protonmail.com). Mail between ProtonMail users is automatically encrypted, while you can configure sensitive messages so non-ProtonMail users are directed to a secure, encrypted web link to read – and reply – to the message.
Protecting yourself when chatting with others and using social media is a must too. Install the Facebook Container add-on for Firefox, for example, and you can isolate Facebook from the rest of your web activity by forcing it to run in a sandbox – that way it can’t spy on you through tracking cookies. Similarly consider switching from well-known, but not necessarily secure, technologies such as Skype and WhatsApp to Signal (https://signal.org), an open-source chat tool that works on your phone and PC desktop and offers secure end-to-end encryption.