The internet today can feel like a daunting place with constant stories of new viruses, worms, hack attacks and online scams appearing almost daily in the news. Is there a way to navigate through the sometimes dodgy and dangerous world on the internet and keep your personal data safe online?
In short, yes, there are some simple steps all internet users can take to greatly improve their security and privacy and stay protect their personal data online. Implementing even some of the following steps will greatly reduce your chances of suffering some kind of misfortune online such as having accounts hacked, personal information stolen and being a victim of credit card or other financial fraud online.
We will list our top tips in a quick summary list first, and then go through each one is more detail.
Top Tips To Protect Your Personal Data Online – Quick Summary
- Use unique, long and complex passwords containing a mixture of letters, numbers and special characters. If you have lots of different logins for different sites then use a password management tool like LastPass which allows you to set and store unique passwords for every site and manage them with one Master Password.
- Make sure the Auto-update setting is on for all your major programs and operating systems, especially for Adobe and Flash products which are prone to hacks when out of date versions are being used. Browsers are also commonly updated and so ideally need Auto-update enabled.
- Use a VPN to encrypt and secure your internet connection, especially when using public Wi-Fi which is not safe at all, but even more regularly as well as some good free VPNs are also available, some of them even unlimited.
- Make sure you have up to date Anti-Virus and Anti-Malware software installed on your computer. Free and Paid versions are available.
- Make sure your firewall is enabled as it adds an extra layer of security to what is already on your device.
- Use common sense and caution online. Be cautious which sites you go on and don’t click on suspect links on sites or in emails from unknown senders. Banks and other legitimate companies will never email you asking to send them login or personal details.
- Be cautious and selective of what personal information you choose to share through social media and other channels.
- Do not save passwords or other private information on public computers such as in libraries or internet cafes.
- Make sure your home Wi-Fi network is secure, with a strong unique username and password for your router. See our article on home Wi-Fi security.
- Be very careful logging into online banking on iPhones and other devices where you use a lot of apps, since they can track your activity.
Let’s take a more in depth look at each point.
1. Use unique, long and complex passwords
We made this our first bullet point as we believe it to be the most important for protecting personal accounts, and internet security in general. A surprising amount of account hacks are just bots or hackers guessing a password that is too easy or obvious.
It is essential to have different passwords for all important logins, and long complex passwords with a mix of letters, numbers and characters.
Security experts also recommend changing passwords frequently, but most people now have too many logins to realistically remember a whole bunch of passwords and go around changing them every 1-2 months. This is why we recommend using a password management tool to manage passwords, with LastPass being our recommended provider.
LastPass works as an add on to all major browsers and allows you to save login details for the different sites you use, and manage them all under the umbrella of one unique Master Password, which gives you access to all accounts. That way you can set and save unique complex passwords for all your logins, but you only have to remember one – your Master Password.
A free version is available which provides a limited number of spaces for passwords; a Premium version with unlimited spaces is available for only around $2 per month and is a must for anyone with lots of accounts looking to improve password security.
It uses very powerful encryption algorithms and also offers a host of other features; see our article on LastPass for more details.
Of course you have to make sure your Master Password is very complex and kept safe, as it allows access to all your saved accounts when using LastPass, but in truth any password can be memorized soon enough if we use it regularly.
On balance we believe this is a far better security solution than having simple or identical passwords for lots of different sites. With LastPass, or another password manager like NordPass you just need to set one long, complex password and keep it very secure and private.
2. Enable Auto-updates
This is an equally important security measure as out of date programs is another very common source of hacked accounts and computers, which can then lead to personal data being stolen. PDF files are a particular vulnerability, with many computers hacked through simply opening a PDF when their reader was not up to date. Flash media players are also vulnerable if not updated.
Video: Security expert Frank Heidt confirms that most account and computer hacks are from easy to guess passwords and programs like Adobe PDF Reader that have not been updated:
This is easily resolvable by just making sure Auto-updates are on for operating systems and programs.
They can usually be easily found in the Security or Update settings of most programs including web browsers and when turned on just makes sure your program is running the most up to date version with any known security vulnerabilities patched. Web browsers in particular are updated frequently so it is important to keep auto update on for them.
3. Use a VPN to Encrypt Connections
This is another extremely important step to take for anyone that is using public Wi-Fi a lot in airports, train station, libraries and so on. Public Wi-Fi connections are not secure and often easily hackable, so it is important to never enter any passwords or other sensitive information over public Wi-Fi unless you have secured your connection with a VPN.
A Virtual Private Network or VPN is a piece of software which creates a virtual tunnel for your online traffic so it is encrypted and secured and no one else can see it. It is a useful but optional tool for home Wi-Fi networks but is absolutely essential when entering personal or private information over public Wi-Fi. See our article on the dangers of public Wi-Fi
Public Wi-Fi is not safe and you should not enter any personal details or passwords over public Wi-Fi unless you have secured your connection with a VPN
Therefore if you’re on any Wi-Fi network that isn’t your own one at home, and entering personal details online or logging into sensitive accounts, it’s always recommended to use a VPN to protect your connection. Using a VPN has never been easier, as there are now even many good free options you can use, some of them unlimited.
We’ve got together some good, trustworthy free VPN options listed in the table below (links are referral links):
| Provider | Free Server Locations | Data Limit | More Info |
|---|---|---|---|
| ProtonVPN | 3 (USA, Amsterdam, Japan) | Unlimited | See here |
| AtlasVPN | 3 (USA East, USA West, Amsterdam) | 5 GB/month | See here |
| TurboVPN | 4 (USA, Germany, Singapore, India). | Unlimited | See here |
| Hide.me | 5 (Netherlands, USA*2, Germany, Canada) | 10 GB/month | See here |
| PrivadoVPN | 10 (USA, UK, Canada, Germany, France, Netherlands, Switzerland, Mexico, Brazil, Argentina) | 10 GB/month | See here |
| Windscribe | 10 (USA, UK, Canada, Hong Kong, France, Germany, Netherlands, Switzerland, Romania, Denmark). | 10 GB/month | See here |
| Tunnelbear | 49 | 500 MB/month | See here |
If you’d rather use a Premium VPN, there are dozens of options available now, all of which do a pretty similar job of giving you a pretty much un-hackable connection to keep your browsing and personal data protected.
The paid-for VPNs do have advantages like being totally unlimited, 24/7 support, zero-log policies and unblocking streaming services.
Here’s some good reputable, trustworthy Premium options:
- NordVPN – $11.99 for 1 month
- Private Internet Access – $9.99 for 1 month
- ExpressVPN – $12.99 for 1 month
- ProtonVPN – $5 for 1 month
4. Have Up to Date Anti-virus Installed
This one is pretty self explanatory as new viruses and malware are being created everyday, many of which can be used to steal people’s personal data. Security companies and software developers having to constantly patch security issues that new viruses exploit in a game of cat and mouse with hackers.
There are loads of different Antivirus programs out there now, and arguably many of the free ones like Avast and MalwareBytes will do a good enough job. For extra advanced protection features and the most regular updates though, a paid service is probably best, with plenty of options available online there as well between big players like Norton, Kaspersky and McAfee all offering comprehensive protection and regular updates.
Have good antivirus installed and run regular scans
5. Make Sure Your Firewall is Enabled
This again is self explanatory and doesn’t need much elaboration. A firewall is a piece of software that adds an extra layer of security to your device by acting as an electronic filter that blocks unauthorized access to your device. Most routers have hardware firewalls that can be enabled but also having one on your computer adds an extra level of security to deter hackers.
See this article for how to enable the firewall for all Windows operating systems (Go to Start…..Settings…..Updates & Security…..Windows Security……Firewall/Network Protection).
It is a good security measure that can be added to other measures like Anti virus software and general vigilance to make for more secure browsing to protect your personal data online.
6. Be Wary of Scam Emails & Sites
This just comes down to exercising common sense and caution online. If something doesn’t look right it probably isn’t right. Don’t click on suspicious links online or in emails from unknown sources. Be careful which sites you go on.
Don’t enter any sensitive information on sites that don’t have the green secure SSL padlock displayed on the browser:
And also use a VPN to add an extra layer of encryption to your connection on top of this, as discussed above.
A common way which businesses but also individuals can get stung is by emails from imposters impersonating business colleagues or close friends or family members, simulating some crisis in an attempt to elicit money to solve an “emergency”.
Again common sense and judgement is useful here. If the email doesn’t sound like the person it is claiming to be from, if the tone is wrong, then be wary as it could be a scam.
Email spam filters have become very good at filtering out these kind of spam and “phishing” attempts but some may slip through so it still pays to be wary. Banks and other legitimate financial institutions will NEVER email you asking to provide account or personal details so straight away you know any email like this is a scam.
7. Be Careful on Social Media
Social media can be great for connecting with people, but it can also act as a repository for all your personal information if you are too liberal with what you share and with who. Some social media accounts provide potentially all the information someone would need for identity theft or some other fraud.
Social Media can provider hackers and identity thieves with all the information they need if people are too liberal with what they share
So it may be wise to be cautious with what you share on social media. Edit your privacy settings if desired so that your posts and personal information are only shared with friends and not everyone.
Facebook for example does have very intricate privacy settings which are admittedly very complex but can allow you to customize who sees certain content on the platform. We recommend doing this for all your social media accounts.
8. Don’t Save Passwords on Public Computers
Pretty self explanatory – other people who use the computer after you could access your accounts and personal information so always make sure the “Remember Me” or “Save Password” box is unchecked when logging in on public computers – libraries, cafes etc.
If you check it by accident, or you want to wipe cookies and history off your own PC, then a program like CCleaner can wipe all cookies including the ones that store passwords (uncheck the “Intelligent Scan” box when installing to make sure all cookies are wiped).
You can also use the “Ctrl+H” shortcut to bring up history and cookies on most browsers, and be sure to delete them after any session on a public computer.
9. Make Sure Your Home Wi-Fi Network is Secure
Home Wi-Fi networks are much more secure than public Wi-Fi networks but do still have some vulnerabilities as the 2017 KRACK attack research project showed, which can leave your online browsing and therefore personal data at risk from hackers.
As with public Wi-Fi a VPN is a good option to encrypt connections at the device level, with multi-device packages available from VPN providers which can cover the important devices in your house.
See our article on using a VPN to make your Wi-Fi network more secure.
There are also some other steps you can take to make home Wi-Fi more secure, like:
- Turning off the WPS feature on your router.
- Having long and unique passwords for your Wi-Fi network and router login.
- Hiding your router name (SSID)
See our article on home Wi-Fi security for more details on how to do these things, plus other useful tips for home Wi-Fi security.
10. Use a Separate Device for Financial Transactions.
This is an extra point we need to slip in – this is deeper level stuff that you won’t find in other mainstream “tips” guides for online security or protecting your personal data online.
It has become apparent from security firms who have looked into this that a number of apps have indeed been tracking what customers are doing in their phones and in some cases collecting this data for their own use.
More worryingly, sometimes they are even logging keystrokes and taking screenshots of your phone when you are using it (not even when just using their app, but using your phone in general).
See this article for more on this. The sources referenced are here and here.
What is becoming painfully obvious is you SHOULD NOT use your phone for financial transactions — PERIOD! Additionally, get a cheap laptop and use that for any financial transactions with NO OTHER apps for movies, travel, or anything. Segregate your financial transactions from the rest of your activities.
Martin Armstrong
This is very concerning and governments don’t seem to be doing much to protect iPhone users in this regard. Some of the companies indicated in this kind of tracking include household names like Hotels.com, Expedia and Hollister.
This presents an unacceptable security risk for many users. We already recommend to not log into online banking on unprotected public Wi-Fi without a VPN, but with this information, even logging into banking at all on any device that has a lot of apps installed could be a security risk if big companies are tracking keystrokes and taking screenshots.
Unfortunately, the companies themselves are not being told to stop this behavior as of yet, so users will have to be proactive on this one.
Here are some suggestions we make for online banking security:
- Do not log into online banking, or any other sites where you are performing very sensitive financial transactions, on devices like phones which have a lot of other apps installed on them.
- The linked article goes even further and argues you should not use your phone for any financial transactions at all, since the security risks with “snooping” and tracking are now too great.
- Another option is to purchase a cheap, basic second laptop to do all your banking/financial transactions on only, without any other apps installed on it at all. This effectively segregates your financial transactions from all your other online activity and preserves your privacy better.
