Prevent Hacking

Technology makes a lot of things in life easier – but it also opens the door to hackers. You don't have to be a multi-millionaire or a major corporation to be vulnerable to hacking. Hackers exploit vulnerabilities at a relatively low cost, so even a small payoff is worth the comparatively minimal effort. To prevent hacking, you must secure your devices and your information, as well as take caution when using the internet.

Steps

Keeping Accounts Secure

  1. Create complex passwords. Your passwords to access your accounts on apps or websites should consist of a combination of numbers, upper- and lower-case letters, and special characters that is difficult to guess.
    • Don't use the same password for more than one website or account. This limits the damage to you if a hacker happens to crack one of your passwords.[1]
  2. Use a password manager. Password managers store and auto-fill your credentials for different sites, allowing you to create a complex and unique password for each site without having to worry about entering the password itself more than once. While you should absolutely keep track of you passwords on your own as well, a password manager will help make your device much more secure.
    • Highly praised third-party password managers include "Dashlane 4", "LastPass 4.0 Premium", "Sticky Password Premium", and "LogMeOnce Ultimate".
    • Most browsers have a built-in password manager that stores and encrypts your passwords.
  3. Don't give out your password. This is an obvious piece of advice, but one that bears revisiting: with the exception of some school services, you shouldn't ever have to provide a site administrator with your password for them to access your account.[2]
    • This logic applies to IT workers and Microsoft or Apple representatives.
    • Similarly, don't tell people your phone or tablet's PIN or passcode combination. Even your friends might accidentally tell someone your passcode.
    • If you do have to give someone your password for some reason, change it as soon as they are done with whatever they needed to do on your account.
  4. Change your passwords often. In addition to keeping your password a secret, you should change the passwords on your various accounts and devices at least once every six months.
    • Be sure not to use the same password twice (e.g., your Facebook password should be different than your bank password, etc.).
    • When you do change your password, you should change it substantially. Don't simply replace one letter with a number.
  5. Use two-factor authentication. Two-factor identification requires you to enter a code sent to you in a text message or another service to access your account after you enter your user name and password. This makes it more difficult for a hacker to access your information, even if they are able to crack your password.
    • Most major websites, including popular social media networks, have some form of two-factor authentication available. Check your account settings to learn how to enable this feature.
    • You can set up two-step verification for your Google account.
    • Popular app alternatives to receiving a text message include Google Authenticator and Microsoft Authenticator.
  6. Read privacy polices carefully. Any company that has information from you must have a privacy policy that details how they use that information and the extent to which they share it with others.[3]
    • Most people simply click through the privacy policy without reading it. Although the reading can be cumbersome, it's worth at least skimming it so you know how your data is being used.
    • If you see something in the privacy policy that you disagree with, or that makes you uncomfortable, you may want to reconsider sharing information with that company.
  7. Log out of accounts when you're done with them. Simply closing the browser window isn't always enough, so make sure you click (or tap) on your account name and select Log Out (or Sign Out in some cases) to manually sign out of your account and remove your login credentials from the site.
  8. Make sure you're on an official website when entering passwords. Phishing scams – instances in which a malicious page pretends to be a login page for a social media or bank account – are one of the easiest ways for you to get hacked. One way to spot phishing scams is to look at the site's URL: if it closely resembles (but doesn't exactly match) a reputable site's URL (e.g., "Faecbook" instead of "Facebook"), it's a fake site. [4]
    • For example, enter your Twitter login information on Twitter's official page only. Avoid doing so on a page that asks for the login information in order to share an article or something similar.
    • An exception to this rule is when a university uses an existing service (e.g., Gmail) through their home page.

Keeping Your Phone Secure

  1. Change your phone's passcode often. The first line of defense against people attempting to view or steal your data is a strong and constantly changing passcode.
    • Make sure that you substantially change the passcode each time you change it--don't just change one number.
    • On most phones, you can set a "complex" or "advanced" password that includes letters and symbols in addition to the typical numerical characters.
  2. Use Touch ID if possible. While you'll still need to have your passcode for your phone's lock screen, you should use Touch ID on any supported devices to pay for items and any other available services.
    • As a general rule, cutting down on the amount of times you have to enter your password on any platform is a good practice.
  3. Browse using secure web apps. It may be tempting to use third-party browsers like Tor or Dolphin, but synchronizing your Google Chrome account or Safari account between your phone and your computer will both prevent the need to re-enter saved passwords and protect your device from unsafe websites.
  4. Update your devices and software on time. As soon as an update becomes available for anything from your phone's Facebook app to its entire operating system, you should apply it if possible.
    • Many updates are patches to repair weaknesses and address security vulnerabilities. Failing to update your software will eventually result in an exploitable weakness appearing, which puts your device at risk.
    • If you have the option to download all updates automatically, make use of this feature. It will save you a lot of trouble.
  5. Charge your phone on reliable USB ports. These include the ports on your computer and in your car (if applicable). Public USB ports, like the ones you may see in a coffee shop, can compromise your information.
    • For this reason, it's a good idea to bring an electrical outlet connector in addition to your USB cable if you're traveling.
  6. Avoid jailbreaking (or rooting) your phone or side-loading apps. Both iPhones and Androids have security safeguards that can be bypassed by jailbreaking or rooting the respective devices, but doing so opens your phone up to attacks and infections that would have previously been impossible. Similarly, downloading apps from unverified sources ("side-loading" apps) greatly increases your risk of contracting malware.
    • Android phones have a built-in security suite that prevents you from downloading apps from unknown sources. If you do choose to disable this option (from the Security tab in Settings), you'll need to carefully verify websites from which you download apps before proceeding with the downloads.

Keeping Your Computer Secure

  1. Encrypt your hard drive. If your hard drive is encrypted, a hacker will be unable to read the data stored there, even if they manage to gain access to your hard drive. While you've taken steps to prevent access, encryption is another method of protecting your information.
    • Mac - FileVault is the encryption service for Macs. You can enable it by clicking the Apple icon in the top-left corner of your Mac's screen, clicking System Preferences, clicking the Security & Privacy icon, clicking the FileVault tab, and clicking Turn On FileVault. You may first have to click the lock icon and enter your Mac's administrator account password.[5]
    • Windows - BitLocker is Windows' default encryption service. To enable it, simply type "bitlocker" into the Start search bar, click the "Bitlocker Drive Encryption" option, and click Turn on BitLocker. Keep in mind that Windows 10 Home users won't have access to BitLocker without first upgrading to Windows 10 Pro.
  2. Install updates as soon as they become available. In addition to performance upgrades, system updates often contain improvements to security.[6]
  3. Back up your data frequently. Despite even the strictest security, it's still possible that your data may become compromised. This may be the result of hacking, or simply computer failure. Backing up your data ensures you don't lose anything.
    • There are cloud-based services you can use to back up your data. Check the security of these services carefully before joining one. While you may be tempted to go with the least expensive service, you want to make sure your data will be kept safe.
    • You also can use an encrypted external hard drive to back up your data. Set up your computer to run automatic backups daily, at a time of day when you aren't normally on your computer.
  4. Avoid clicking suspicious links or responding to unknown emails. If you get an unsolicited email, or an email from a sender that you cannot verify, treat it as a hacking attempt. Do not click on any links or give the sender any personal information.
    • Keep in mind that even replying to the email will let the sender know that your email address is active and valid. While you may be tempted to send them a sarcastic reply, even this will give them information they can use to hack you.
  5. Install or activate your firewall. Both Windows- and Mac-based computers come equipped with a firewall, which prevents hackers from gaining access to your computer. However, in most computers, the firewall is not turned on by default.
    • Go into the security settings of your computer and look for "firewall" settings. Once there, make sure it is turned on and that it is blocking incoming connections.
    • If you have a wireless network, your router should have a firewall as well.
  6. Enable a firmware password. If your computer has the option available, require users to enter a password before rebooting from a disk or entering single-user mode. A hacker cannot get around a firmware password unless they have physical access to your machine, though you'll need to be extremely careful not to forget or lose the password since it is immensely difficult to reset. To create a firmware password:
    • Mac - Restart your Mac, then hold down Command and R as it boots up. Click Utilities, click Firmware Password Utility, click Turn On Firmware Password, and create your password.
    • Windows - Restart your computer, then hold down the BIOS key (typically Esc, F1, F2, F8, F10, or Del) as your computer boots up. Use the arrow keys to select the password option, then enter your preferred password.
  7. Disable remote access. You may need to access your computer remotely, or allow someone else to do so, such as if you've called tech support. However, you should keep it disabled by default and only turn it on for brief periods when you need it.
    • If you have remote access enabled, you essentially leave an open door for hackers to get into your computer and steal your data.
  8. Install antivirus software on your computer. Antivirus software recognizes and removes potentially harmful files and programs as soon as you download them. Windows Defender is a good choice for PCs, and it comes pre-installed on Windows 10 computers. For a Mac, consider AVG or McAfee as another line of defense on top of Gatekeeper, which is the default protection suite.[7]
    • It's also a good idea to make sure your computer's firewall program and Bluetooth function are only letting trusted connections access your computer.

Keeping Your Network Secure

  1. Use secured wireless networks. Generally speaking, secured networks require you to enter a password before you can connect to them. In some locations (such as airports or coffee shops), you can request the password after purchasing an item.
    • If the wireless network isn't secured, your computer will let you know before connecting. In some operating systems, there will also be an exclamation mark next to the network's name.
    • If you have to use the internet but don't have access to a secure network, change your passwords immediately the next time you log into a secure network.
    • If you have a wireless network at home, make sure it's secure and encrypted. Keep in mind that wireless routers typically aren't secure by default – you have to set this up yourself.
  2. Download programs only from reputable sites. This methodology goes for sites you visit on an unsecured connection as well. If there isn't a padlock icon to the left of the URL address and "HTTPS" in front of the "www" portion of the URL, it's best to avoid the site (and downloading anything from it) entirely if possible.
  3. Learn to recognize fake websites. In addition to avoiding sites without "HTTPS" and the padlock icon next to the URL, double-check the website's URL before entering your password on it. Some sites will attempt to steal your login information by posing as another site (this is known as a phishing scam); you can spot these sites by looking for extra (or missing) letters, dashes between words, and extra symbols.
    • For example, a site masquerading as Facebook might have faceboook.com as its URL.
    • Sites which display dashes between multiple words in the site name itself (the words in between "www" and ".com") are generally not reliable.
  4. Avoid file sharing services. Not only does file sharing often violate intellectual property laws, but file-sharing websites are crawling with hackers. You may think you're downloading the latest hit song or a new movie, but the file actually is a virus or malware in disguise.
    • Many of these files are designed in such a way that the virus or malware hidden within won't be picked up by anti-virus software screenings. The virus won't infect your system until you try to play the file.
  5. Shop only on secure sites. Don't enter account or credit card information on a site that doesn't have "https://" written before the "www" section of the website address. The "s" indicates the site is secure. Sites without that won't encrypt or protect your data.
  6. Keep personal information off social media. You may think you're just sharing with friends, but revealing too much about yourself and your life on social media can make you vulnerable to hackers. Share personal information directly with people who need to know rather than openly posting on social media.[4]

Tips

  • There are firewalls and anti-virus software available for free on the Internet as well as many options for purchase.
  • Make sure your password isn't the same as your username or email.

Warnings

  • Unfortunately, the only fail-safe way to avoid being hacked entirely is to avoid using technology altogether.

Related Articles

Sources and Citations

  1. https://techsolidarity.org/resources/basic_security.htm
  2. https://answers.stanford.edu/solution/why-should-i-change-my-password
  3. https://us.norton.com/cybercrime-prevention
  4. 4.0 4.1 https://home.mcafee.com/advicecenter/?id=ad_ost_tohtpyo&ctst=1
  5. https://support.apple.com/en-us/HT204837
  6. https://decentsecurity.com/#/securing-your-computer/
  7. https://support.apple.com/en-us/HT202491
Retrieved from "https://kipkis.com/index.php?title=Prevent_Hacking&oldid=268044"