Five Ways to Keep Your Data Safe Right Now

This post was first published on TED.com.

There seems to be a new data breach in the news every week – a major company hacked, millions of usernames, passwords or credit card numbers stolen. There isn’t much that you, as an individual, can do to stop hackers from stealing the data you entrust to companies. However, there are some easy things you can do to significantly reduce the harm from such breaches.

1. Outsource your passwords to a robot

The human brain can only remember so many passwords, not to mention we’re actually really bad at picking good ones. So, too often we just reuse passwords across multiple sites. This is a Very Bad Idea. Once hackers break into a website and steal a database of email addresses and passwords, they can then try to use those same passwords to login to other sites. This is a huge problem, because so many of us use the same password for our Facebook, Google, Twitter and online banking accounts. The solution instead is to use a password manager, a software tool for computers and mobile devices, which will pick random, long passwords for each site you visit, and synchronize them across your many devices. Two popular password managers are 1Password and LastPass.

2. Get a U2F key – and use two-factor authentication wherever possible

One other way to protect your accounts is to make sure that even if someone learns your password, they won’t be able to log in. To do this, you’ll want to enable “two-factor authentication,” an additional security feature that can be added to many online accounts. For some sites, this additional step can take the form of a random number sent to your phone by text message, or running a special app on your smartphone that generates one-time login codes. A relatively new, and even easier form of two-factor authentication is a U2F security key, a device that looks like a thumb drive, which you insert into the USB port when you login to an account from a new computer. These devices, which cost about $15, can be used to add a significant boost to the security to your GMail account. Over the coming months and years, it is likely that other major tech companies will add support for the U2F token.

3. Enable disk encryption

If you lose your laptop or your phone and it doesn’t have disk encryption enabled, whoever finds the device can get all your data too. On the iPhone and iPad, disk encryption is turned on by default, but for Windows, Android or Mac OS you need to make the effort to switch it on. It’s a big deal, essentially the difference between buying a new laptop (bummer) and having to put out an identity theft alert.

4. Put a sticker over your webcam

There are software tools used by criminals, stalkers and generally creepy dudes that allow them to turn on your webcam without your knowledge. Granted, this doesn’t happen millions of times a year, but the horror stories are real and terrifying. One simple sticker means you use your webcam when you choose to use it.

5. Encrypt your telephone calls and text messages

The voice and text message services provided by phone companies are not secure and can be spied upon with relatively inexpensive equipment. That means that your own government, a foreign government, as well as criminals, hackers and stalkers can listen to your phone calls and read your text messages. Some Internet-based mobile apps that you likely already use are much more secure, enabling you to talk privately to your loved ones and colleagues, and don’t require that you do anything or turn on any special features to get the added security protections — Apple’s FaceTime and WhatsApp on Android are both good. If you want an even stronger level of security, there is a fantastic, free tool called Signal available on Apple’s App Store.

Learn more about cybersecurity and other civil liberty issues: Sign up for breaking news alertsfollow us on Twitter, and like us on Facebook.

View comments (13)
Read the Terms of Use

Anonymous

There are startups that provide end-to-end encryption in order to safeguard the data. CryptonorDB (cloud - mobile database) does exactly that: it manages the storage over encrypted data (data is encrypted before upload), and only the client manages the key. For more information, you should visit: http://cryptonordb.com/

Anonymous

There are startups that provide end-to-end encryption in order to safeguard the data. CryptonorDB (cloud - mobile database) does exactly that: it manages the storage over encrypted data http://gtasanandreasapkdownload.com/ Coming to GTA San Andreas, this is the latest version of GTA Vice City. This action, adventures game is a famous launch from series of gangster games, released by Rock Star games.

Anonymous

Really helpful article. I recently saw an interesting app that takes your picture as you login so that if someone stole your phone, you can see who did it. It is Squealock (www.Squealock.com).

There is also a similar product (called aMemoryJog) to LastPass and 1Password that stores all your unique passwords inside the app. But an interesting feature it has is the ability to self-destruct if someone steals the phone that way none of your passwords would get compromised. aMemoryJog's website address is www.amemoryjog.com.

Anonymous

Something that would be good to talk about in general: VPNs

Moreover, the potential weaknesses of VPNs should also be pointed out, as well as the possible weaknesses with any of the other five ideas in this blog entry.

To the best of my knowledge, VPNs are theoretically secure, but implementation flaws in operating system software, or possibly a hostile takeover of the internet backbone might make a VPN insecure. I can't quite remember, but I think the big story about the NSA taking over the internet backbone had mentioned that this had given them the capability to crack VPNs. I'm not sure what the state of VPN security is right now.

Megha

The ways you are suggested is really safe for my data?

Anonymous

Hi Chris,

Can you please update your PGP key?

B887 4B0B ED9F 7B8F 8902 B474 5A7F 0E54 ECFE 0D70

All of its subkeys have expired and GPG4Win will not allow me to encrypt to it.

(I've downloaded the latest version on the keyserver.)

Thanks.

Anonymous

Hi Chris,

Can you please update your PGP key?

B887 4B0B ED9F 7B8F 8902 B474 5A7F 0E54 ECFE 0D70

All of its subkeys have expired and GPG4Win will not allow me to encrypt to it.

(I've downloaded the latest version on the keyserver.)

Thanks.

Sonya Hitchner

How do I turn on encryption on Samsung note 5. Or who can I ask as a tech supplier. Any computer shop person. I'm 66 but I have kids. I blog. And bodies even track my metaphors in Google blogspot.

Sonya Hitchner

How do I turn on encryption on Samsung note 5. Or who can I ask as a tech supplier. Any computer shop person. I'm 66 and live in cape town douth africs, but I have kids. I blog. And bodies even track my metaphors in Google blogspot.

Jack Flynn

Sonya, you can download VPN app like ZenMate from TutuApp (Download: https://tutu-app.com/download/) which will automatically encrypt all the internet data.

Pages

Stay Informed