High Priority Strategies #
- Freeze Your Credit!
-
Keep your OS and all your apps updated...
Don't forget your router! Many still don't update automatically. A router is just a specialized computer connecting your other computers to the internet. They have bugs in the firmware. Some companies are sloppy with their set-up. If your router is hacked, the rest of your network is likely to be in big trouble.
Likewise, all your other devices that hook to the internet should be updated; cameras, lights, light bulbs, refrigerators, dishwashers, clothes washers, and a gazillion more every day. There is a good argument that at least some of these devices do not need to be internet-connected to do their function, but here we are. Any of these can be used to attack all of the computers on your network; yes, your internet-connected dishwasher might be the route hackers use to steal your banking information from your computer. An unnamed casino in the United States had their records on their high-value clients stolen from an attack that started in the internet-connected thermometer in the fish tank in their lobby.
Note that these devices are also collecting information about you and your household which is used to push ads to you. You may not be able to stop it. Complain to your elected representatives if you live in a democracy.
By the way, data collection and monitoring of you is not the only harm that these devices can do. If vulnerable, they can be suborned into a botnet, a collection of internet attached devices all running the same malware and used to attack sites and cause them to crash. Recently a botnet made up of thirteen-thousand devices was able to send a record-breaking 5.6 trillion requests per second to a target computer. The goal is to overwhelm the target system and cause it to crash. Botnets are made up of devices in peoples' homes and businesses, not just desktop or laptop computers, but anything connected to the web.
-
Install a password manager on ALL your browsers
For example, Bitwarden. Create new, unique passwords for all your sites and other needs with at least 20 characters: including upper & lowercase, numbers, & special characters. Never use a password for more than one site or app.
A password manager makes it easy to use a different password for every site or service you go to. Using the same password, or a stupid password like "Monkey123", is like taping your house key to the front door. See Have I been Pwned to find out whether your email address (and passwords, and LOTS of other personal info) has been found in a breach. Have I Been Pwned is safe to use, well-respected, and exceedingly useful, though alarming.
Be extremely careful using any password manager other than the top-rated ones (use Bitwarden or KeePass). There are lots, many may be fine, but you are not able to judge, and some are unsafe at best and malevolent at worst.
The password storage feature of your browser is not a good idea. I do not recommend using it. They have limited features (e.g., do not work outside the browser) and have been found to be vulnerable.
-
Use 2FA everywhere you can...
2-factor authentication provides a huge improvement in your security, an attacker has to both know your password and have your phone to log into a site as you. Look at apps such as 2FAS or Aegis for your phone for your 2FA. Search for them in your app store. Note that the FBI now recommends 2FA for your email account(s), especially and specifically GMail, due to a surge in account takeovers. -
Install the uBlock Origin extension on your browsers...
Install the extension uBlock Origin on whatever your browser is. You will have to use uBlock Origin Lite for Chrome since Google made it so the full version won't work. This is the single best thing you can do to enhance your browsing experience and increase your internet security & privacy. The default settings will work well. If you get interested, there are adjustments you can make that are really handy. -
Back up your data...
Preferably to an offline source like an external hard drive and store it securely. The "cloud" is not a great place to backup your stuff, if a cloud storage business shuts down or changes its terms of use or its prices, your files can be gone forever, you have remarkably few legal rights.Solid State Drives (SSDs) are cheap, buy an external SSD (or two or three) to use for backup. Keep one outside your home (friend's house, work, whatever. It's encrypted, right?) Bottom line, though, any back-up system you will actually use is probably better than none at all.
-
Reboot your computer and phone about once a week...
If you turn your computer off every day when you are done with it, this is not necessary, but if you leave it on as more and more people do, it's good to reboot it from time to time. Often Windows will make this easier by crashing frequently. I leave my computers on for months at a time.
Computers have a lot of complicated things going on in their memories and a reboot gives them a chance to start fresh. It also destroys certain types of malware that lives only in memory and doesn't write anything to a drive.
-
Don't use modems and routers from your ISP...
They are cheaply made, low-quality, poorly designed from a security perspective, frequently hacked, and a huge target for threat actors. Buy your own; you will need to shop around and read reviews but it will worth the time.
Additional Recommended Strategies #
- Consider getting multiple email addresses for different purposes.
-
Change your DNS servers...
Do it on all your devices and in your browsers. Don't forget to change them on your router, too! I have some suggestions and resources on DNS if you are not familiar with it. -
Don't use Amazon...
There is a history of dangerous and fraudulent activity on Amazon. Selling delivery drivers' urine as an energy drink was pretty impressive, however. Supposedly no members of the public actually bought it, but it was an ill-advised, dangerous stunt and illegal. Also it demonstrates how well customers are protected by Amazon from dangerous products... Absolutely Not At All. -
It's beginning to look like passkeys will be the authentication method of choice
I have seen recommendations to avoid using passkeys from Apple or Google or any specific company, they will lock you into walled gardens. At least some of the password managers will handle passkeys for you (yes, Bitwarden).
It is likely that passkeys will become the new standard for logging on to sites on the internet. Be aware, several companies are working hard to shape passkeys to lock you into their system; a walled garden. Go slow, passkeys are not required right now (May, 2025) so don't be the first penguin. When you do move to using passkeys, be sure that you can carry them across devices and manufacturers or services (e.g., avoid Google and Apple unless they stop creating walled gardens).
-
Use VirusTotal to check files before downloading or opening them.
VirusTotal inspects items with over 70 antivirus scanners and URL/domain blocklisting services, in addition to a myriad of tools to extract signals from the studied content. Any user can select a file from their computer using their browser and send it to VirusTotal. VirusTotal offers a number of file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API.
Upon submitting a file or URL basic results are shared with the submitter, and also between the examining partners, who use results to improve their own systems. As a result, by submitting files, URLs, domains, etc. to VirusTotal you are contributing to raise the global IT security level.
VirusTotal is free to end users for non-commercial use in accordance with our Terms of Service. Though we work with engines belonging to many different organizations, VirusTotal does not distribute or promote any of those third-party engines. We simply act as an aggregator of information. This allows us to offer an objective and unbiased service to our users.
-
If you use Chrome browser, seriously consider upgrading to Firefox...
You may want to add Firefox and continue to use Chrome if you find things that require it (not many really). Just remember that Firefox can be set to have a very high degree of privacy, Chrome is made by Google, one of the top 3-4 most aggressive tracking companies on earth.If you use the Edge browser, please at least switch to Chrome if you're unwilling to use Firefox. There are many other browsers out there; I have not found the ROI to be worth messing with any of them except Tor.
You can remove some of your personal info from Google search results.
Note that this only has Google prevent it being found in Google searches. It does NOT remove the info from the source website nor does it remove it from other search engines.
You can get the information actually removed from 750 source websites/data brokers with DeleteMe. They seem to have a good reputation. You have to join and pay for the service and give them the info you want deleted. This can be scary. If you do, they will search the web, specifically a big list of data brokers, for your information and submit requests to have it removed.
They also have instructions for doing this yourself, however there is no way you have time to do this on your own and keep it up to date.
My feeling is that this is helpful to limit stalkers, nosy neighbors or co-workers, and maybe some spammers. Your name, birth date, SSN, address, email address(es), credit card numbers, even passwords, etc, are already on the dark web due to various past breaches and there is no way to get rid of those; see Have I been Pwned for more about this. However, most people are not going to know how to get access to it. DeleteMe will help you limit the information gathered by honest data brokers (possibly an oxymoron) and available to the general public via web searches. The other secret data archives kept by every corporation you have contact with, including the various providers of all of your computer equipment and software/apps, will not be affected. DeleteMe seems like a useful service, but don't kid yourself about what is possible.
After You're Appropriately Paranoid #
-
Browse the Defensive Computing Checklist site...
It is long, don't try to read it all in one go. Browse topics as you have interest or concerns. Although I do not agree with absolutely everything on this site, the areas where I disagree are few and do not seem to be so pronounced as to be worth worrying about. This is good information if you have questions about computer security & privacy. -
Consider covering your cameras...
Past heads of the CIA, NSA, etc, as well as Mark Zuckerberg, have admitted that they put tape over the cameras on their devices when not in use. Today in many cases you could use a (nicer-looking) sliding cover; if not built-in there are after-market stick-ons that work well.Obviously, the head of the CIA or Zuck are much higher targets than you are so this is less important for most of us. On the other hand, resources to make it easier to break into people's phones and computers are increasingly prevalent online so the bad guys do not have to know as much to do it and that means exploration of lower value targets (you). You will have to decide what your comfort level is.
- Some additional useful resources: Electronic Frontier Foundation (EFF) and the Electronic Frontier Alliance (EFA)