Safer Internet Day
Today is the 20th anniversary of Safer Internet Day, a global campaign which brings together communities to promote the safe and positive use of digital technology, especially among children and young people.
To celebrate and raise awareness, I want to share a few tips that will improve your digital experience and help you stay safe online.
Use a password manager #
Password managers help you create strong and unique passwords for each online account you create. This reduces the chance of hackers from guessing your password and prevents a successful hacker from easily accessing your other accounts.
I highly recommend using Bitwarden, which is free and open source. 1Password, Dashlane and NordPass are great paid options. Looking to self-host? Check out LessPass.
Use two-factor authentication #
Two-factor authentication (2FA) adds an extra layer of security to your account by way of a time-sensitive code which is used at login, in addition to your password.
Always use a different manager for 2FA and passwords. This prevents a single point of failure should either be compromised.
Check out 2FAS for MacOS and iOS. Authy for both iOS and Android.
Use a secure, private email provider #
A secure, privacy focused email provider will help you keep your email conversations private via end-to-end encryption. That means not even the provider themselves will be able to access your email.
ProtoMail is a popular choice, as is Tutanota which also includes an encrypted calendar.
Use an email masking service #
Just like using the same password for all your accounts, using one email address makes it much easier for criminals to hack your account. Or for your email to become part of a data breach.
The best way to deal with this problem is to create a unique, anonymous forwarding address for every single account you create online. This is known as email masking and there are a bunch of different services to help you do it.
Apple users can use Hide my Email, anyone can use AnonAddy or Simplelogin.
Use a VPN #
A Virtual Private Network (VPN) hides everything you do online, allowing you to browse in private and safely connect to unsecured networks, such as public wifi spots.
VPNs do this by changing your IP address (which is used to identify your device), so that when you browse online, any actions you take can’t be traced back to you.
NordVPN, SurfShark and ExpressVPN are all great VPNs.
Use a privacy web browser #
Privacy focused web browsers prevent you from being targeted by intrusive ads and protect your personal information, passwords, and browsing habits from hackers and government surveillance.
Brave and Vivaldi are popular choices, especially with beginners. Librewolf is a custom, privacy version of Firefox, which is gaining in popularity.
Tor is another popular privacy browser which comes pre-installed with privacy add-ons, encryption, and an advanced proxy.
Firefox Focus offers simple ”one tab only” private mobile browsing. It has swiftly become my iOS browser of choice.
Use a privacy search engine #
Non-private search engines are notorious for tracking. Meaning they collect data about your search habits and build profiles about your search history. This information is often then sold to third parties, or used to identify you directly and target you with advertising.
A good private search engine will allow you to browse the web anonymously, and store nothing about you or your search habits.
Qwant, or Qwant Junior for young people, are great places to start with private search. DuckDuckGo and Startpage are also popular options and can usually be set as the default search engine within your browser.
SwissCows, Metager and Mojeek are not quite as mainstream but still very good options.
Install a content blocker extension #
Many privacy focused browsers and search engines come pre-installed with extensions to block ads and tracking cookies. If the browser you use doesn’t have this feature, you can make sure you’re still protected by installing extensions yourself.
uBlock Origin and AdGuard Blocker are both popular tools for this purpose.
Use an encrypted messaging app #
Encrypted messaging prevents anyone from monitoring your text conversations.
Session is an end-to-end encrypted messenger that minimises sensitive metadata, designed and built for people who want absolute privacy and freedom from any form of surveillance.
Status uses an open-source, peer-to-peer protocol, and end-to-end encryption to protect your messages from third parties.
Signal is a popular choice, but it does require your phone number to sign up, which can be used to identify you. Whereas Session and Status don’t.
Protect your devices #
Webcams and mobile cameras can easily be hacked. Usually this happens when a hacker infects your system with malware, which secretly installs remote administration tools that allow them to take control of your system.
The best way to prevent this from happening is to keep your cameras covered whenever you’re not using them.
Buy a webcam cover and make sure you close it when you finish a video call.
Buy a privacy case for your phone, with built in camera covers. You might also consider buying a privacy screen protector to prevent shoulder-surfers from watching what you’re up to.
Learn about phishing attacks #
According to Gov.uk’s 2022 Cyber Security Breaches Survey:
“Of the 39% of UK businesses who identified an attack, the most common threat vector was phishing attempts (83%).”
Phishing is a type of online scam in which criminals impersonate a legitimate person or company in order to gain access to your sensitive information.
To avoid becoming the victim of phishing, always check the email address of the sender is correct. Never click any links or download any attachments unless you can confirm the email is legitimate.
If the origin of an email is unclear, then reach out to the company claiming to be the sender directly, to ask if they were indeed the sender.
Jigsaw | Google: Can you spot when you’re being Phished is a handy tool that will help you learn how to identify phishing emails.
Identify hacks and data breaches #
If you are concerned that one of your accounts has been comprimised, there are ways to find out.
Use Have I been pwned to check if your email or phone has been leaked or is part of a data breach. You can also set up notifications, to notify you if/when your account has been compromised.
Jumbo is a privacy and security assistant that protects you from online risks such as data breaches and online tracking. It helps protect your social accounts and allows you to scan your contacts, so you can notify friends if their data has been leaked.
Delete your personal data #
In the past, removing you personal data once it’s “out there” has been a difficult task. These days, there are a growing number of services that will do this for you.
Incogni is a paid service that offers to hunt down data brokers who are collecting, aggregating, and trading your personal data without you knowing. Using GDPR, CCPA, and other applicable privacy laws they force these brokers to remove your personal information from their databases.
Redact is more of a content management tool, which will automatically clean up your old posts from services like Twitter, Reddit, Facebook and Discord. It’s free to use for personal use.
Final thoughts #
Life online is full of hidden perils.
Regaining control of your privacy is a great way to mitigate some of the risks.
Fortunately, these days there are plenty of privacy-focused services that can help with this.
Making better software choices and educating others to do the same is a surefire way to create a safer internet for all.