How to Avoid Getting Hacked

Businesswoman checks her phone for messages while drinking her morning cup of coffee

With the increasing number of data breaches discovered each year, many are worried about the safety and security of the information they're putting online. But while you may not be able to directly control the security measures at large corporations that have been hacked or lax with their security, like Capital One or Facebook, there are steps you can take to protect your activity online and make your information a little bit safer.

Strong passwords that you only use once

Creating strong passwords for your accounts is the basic first step that should never be ignored when addressing your security online. So what makes a strong password? Start by ditching your traditional idea of a password for a passphrase. Standard 10-character passwords that are a mix of single words, numbers, and symbols can be targeted with brute-force techniques frequently used by hackers. But a passphrase that is longer and incorporates multiple words and spaces will be harder to crack. And if you ever struggle with remembering unique passwords, these longer phrases can actually be easier for you to remember than something like *19Gh@sT84#. 

But with as many online accounts as we all have these days, it can be tempting to reuse login credentials across different platforms, no matter how good your memory is for remembering passwords or passphrases. 

If you currently do this, it's a bad habit you should break immediately. If hackers can get your password for one account, there's no stopping them from trying to use it to get into others. You can easily prevent this situation by never reusing passwords across different platforms.

Always use two-factor authentication when available

Two-factor authentication (2FA) puts another step in the process of signing into an account online. If your password is stolen in a data breach, two-factor authentication can still help prevent anyone from gaining access to your accounts. 

2FA can come in many forms, but it always involves a prompt to provide additional information after the correct username and password are entered for an account. Not all 2FA authentication methods provide the same level of security, however. SMS Text Message 2FA, for example, is probably the most widely known form, but it may not provide the level of security you'd like for your banking or financial accounts. Hackers who can intercept text messages have broken into the accounts of many people who had SMS Text Message 2FA enabled.

Instead, for accounts that allow it, you should use an authenticator app on your phone for 2FA. Authenticator apps—some examples of which are AuthyGoogle Authenticator, and DUO Mobile—generate the 6-digit code needed to log into your accounts. They're also available offline, meaning if your cell phone doesn't have service, you'll still be able to log into an account on a new device without issue.

Run your updates

You probably get notifications to update your device's software or your web browser from time to time. While it can feel irritating to run these updates, it's better to do so sooner rather than later. Sometimes, these updates come with security patches to prevent hackers from accessing your information when browsing the web or using your device. If it bothers you to run these updates, try saving it for the very end of your day so that you can avoid having your web browsing interrupted. 

You'll also need to keep your apps up to date on your phone for similar reasons. The most surefire way to keep on top of this is to enable automatic updates for your apps. Here are instructions for enabling automatic updates on Android and iOS:

Make sure a website is secure before entering personal info

Being able to pay bills, shop online, and manage sensitive personal data is certainly a convenience, but it can be so damaging if this information gets hacked. Before entering details like your credit card number or social security number on any web page, check to make sure that the site is secure.

You can tell by looking for a lock symbol in the address bar of your web browser. If the lock symbol appears to be locked, you're good to go. You can also click on the lock to confirm whether or not your connection is secure. For links that you receive in an email or message, inspect the link before navigating to the page and check whether or not the URL begins with 'https.' 

Try using a VPN

You should always be extremely careful when using public wifi. Even if you're browsing from a coffee shop that required a password to access their wifi connection, your information can still be accessed by nearby hackers. Using a Virtual Private Network (VPN) can help you protect your information when browsing the web.

A VPN will create an encrypted web connection over a public network. While a VPN is often used by businesses to allow employees to access their organization's private network from remote locations, the technology is also used by many individuals who want to increase their privacy when browsing the web for personal reasons. It can help you to avoid eavesdroppers tracking your movements. 

Like with any service, not all VPN providers are created equal. While there are some free VPN options available, you'll want to read the fine print of the user agreement before opting in. VPN services cannot be run for free, and providers will need to be making revenue somewhere, whether it's serving you ads or even selling your personal information. Always do thorough research before signing up for a VPN, whether the service is free or subscription-based.

The internet has become deeply integrated into all of our lives, and yet we often neglect the basics when it comes to our online security. But it doesn't have to be intimidating to get your online security up to snuff. Start with these 5 simple steps, and you'll be well on your way to making sure your information online is safe and sound.