There are various reasons why effort, time, and money are spent on data protection. The increased embracement of computers both in the business and social interactions has exponentially increased the risk of exposure of personal information. The first critical reason why it matters to protect data is the need to protect oneself or a business from financial loss. The loss of information to unauthorized third parties may be negatively exploited to the disadvantage of an individual or a business. Gimmicks such as identity theft may occur as a result of criminal access to the personal information of an individual, which may lead to financial loss even as the perpetrators use the finances of the involved parties. It is critical to note that identity theft is highly unlikely in the absence of the personal information of targeted victims. nevertheless, with such information, one can easily emulate the life of the individual and use financial sources such as credit cards and debit card numbers to access finances of the individuals. Apart from such financial losses, the exposure of individual data, such as health information may be negatively used by malicious individuals to harm them. Sharing of such information could lead to the loss of opportunities, employment, social isolation, or the loss of benefits, depending on the type of information that is shared.
Protection of personal data is also important in limiting the power that private sector companies and governments have over individuals. The knowledge that these parties have on individuals informs the amount of power that they have over them. Considering the importance of personal data to make critical decisions in one’s life, such data could be used to affect the reputation of an individual and to influence the decision making process and behavior of such a person. As such, this data can be used to gain control over an individual. Privacy allows individuals to effectively manage their reputations. The manner in which individuals are judged or viewed by others has an impact on their overall well-being, friendships, and opportunities. As much as individuals cannot completely control their reputation, the ability to protect data provides them with some protection of their reputations. Protection of personal data ensures that both falsehoods and some truths that are likely to harm one’s reputation are kept private.
Individuals could be exposed to risks of being victims of criminal activities if their personal information such as their addresses, names, and employment locations fall into the wrong hands. Malicious parties may sell such information to criminals or use it to engage in criminal activities such as break ins and stalking. Underage individuals such as teenagers could also be exposed to online criminal activities such as sexual predation upon the loss of their personal information such as online activity to perpetrators of such activities. The loss of personal information could also have an impact on maintaining appropriate social boundaries. Individuals maintain informational boundaries that inform the kind of relationships that they establish with others within the society. A breach of such boundaries is likely to result in damaged relationships and awkward social situations. The breach of personal data may negatively affect the trust that is established in commercial, governmental, professional, or personal relationships. This would have a negative effect on the life of the involved individuals.
2. Risks of not protecting your data
Protection of personal data is pertinent to ensuring one’s life remains private. As earlier mentioned, personal information affects the types of decisions that one makes and the types of relationships that are established both at personal and professional level. Thus, failure to protect one’s personal information exposes them to various risks. To start with is the risk of exposing information that would rather be kept private to unintended parties. For example, the exposure of sensitive health information to third parties such as the employer or some members of the family at an unintended time could affect the relationship between an individual and such parties. Deteriorations in such relationships could lead to isolation, loss of employment, or demotion, an aspect that would further affect the life of an individual.
Another major risk associated with failure to protect one’s data involves identity fraud or identity theft. This happens when a perpetrator accesses the personal information of a person, including his or her name, Social Security number, bank account and credit card numbers, utility or phone account numbers, medical insurance numbers, or passwords, and employs such information for financial gain. Affected individuals are exposed to lengthy periods of recovering from the credit and financial problems that result from identity theft. Among other consequences, identity theft victims are likely to suffer financially, socially, physically, or emotionally. The financial hardships resulting from identity theft are likely to last for a long period after exposure of one’s personal information. The type of data exposed to identity thieves would determine the challenges that one has to go through to recover financially. One may be forced to close bank accounts that have been compromised and to open new ones, dispute credit file activities and work towards restoring good credit, and respond to any legal disputes that may follow the activities engaged in by the identity thief. By talking over one’s accounts, identity thieves are also likely to gain control over one’s investments, an aspect that would affect his or her income and ability to settle bills.
Identity theft could also expose one to an emotional toll. Case in point, an identity thief could use one’s identity to engage in criminal activities, an aspect that would affect one’s reputation, which may pose major challenges to fix. Consequences such as the establishment of a criminal record may affect one’s prospects of getting opportunities such as employment, contracts, or educational opportunities, among others. In addition, one could be arrested in relation to criminal activities liked to their identity before they can come out and clear their name. such occurrences are bound to cause emotional pressure. In most cases, identity thieves are faceless and anonymous, an aspect that causes feelings of helplessness, leading to stress, anxiety, depression, and isolation.
The physical toll of identity theft is also significant. Individuals may engage in crime in one’s name leading to arrests and a negative criminal record. This will affect one’s housing options and employment, among other areas. The process of clearing one’s name is highly stressful even as one has to provide the law enforcers with evidence to demonstrate that the identity of an individual has been stolen. Identity theft, especially on online and social networking platforms, could have a negative effect on the social relationships of an individual. For example, by accessing one’s passwords for social networking accounts, identity thieves can change such passwords and start posting or sharing information that may be damaging to one’s reputation, posing as the victim. It is hence critical for proper efforts to be put in place to protect one’s personal data.
3. Keeping your confidential data secure online
Do not use public Wi-Fi to make sensitive transaction
Using public Wi-Fi to engage in sensitive transactions exposes one’s data to interception from outsiders. Individuals should avoid performing banking transactions or sending any information that is deemed sensitive over such networks. While public Wi-Fi hotspots put in place in libraries, hotels, airports, and café’s among other places provide individuals with convenience, they present various security compromises that could lead to negative consequences. When using such networks, it is important to limit one’s activities to basic online activities. It is also significant to consider avoiding Wi-Fi hotspots that one does not have knowledge of the operators as criminals could set up rogue hotspots to access and steal the information of users.
Apply website privacy settings
Remember to sign out
Individuals may be required to sign in to access some of the services that are offered online via personal accounts. Nevertheless, it is highly important for individuals to ensure that they sign out after using such services, especially when utilizing public computers in libraries, cybercafés, or at work. The Two-step verification process may be helpful when using public computers as it would lock out individuals who try to sign into one’s account by requiring additional verification using one’s cell-phone or a different platform.
Avoid opening emails from strangers
Some criminals attack files to e-mails, which are used to distribute destructive programs including viruses, which could distort files that exist on the computer and destroy the entire computers. Some viruses are used to steal information from the affected parties. As such, it is important for individuals to avoid opening emails from unknown sources and to avoid opening any attached files or clicking included links. In some cases, the people known to one may forward emails, especially those that have an ‘exe’ extension, without knowing that such attachments carry infectious programs. Such emails should be immediately deleted.
Employ two-factor authentication
The two-factor authentication approach provides individuals with extra protection in the event that a hacker or third party is able to crack or guess one’s password. This approach involves a second step for verifying one’s authenticity during a login, where they may be asked to provide a personal identification number (PIN) send to them or to provide an answer that they set for a given question when they first opened their account. Websites such as Google provide one with a code during the login process, which has to be input for the login process to be completed. Online users should check their hosts for e-mail, shopping, and banking services, among others, for appropriate options.
Be cautious of what you read
This is a highly important issue of consideration in online interactions as it allows one to effectively protect his self-worth or confidence, reputation, and financial assets. There are various scams online, including false promises and claims of vast wealth accumulation. It is critical for individuals to be cautious of what they read or receive online. Some scams may lure individuals into giving away their personal information, which can be sold to identity thieves. Thus, it is important to avoid falling for such scams.
Sensitive transactions should only be conducted via secured websites
Individuals should always use secure websites to share sensitive information or to perform financial transactions. Secure Socket Layers (SSL) forms one of the security protocols that are commonly used to secure websites, protecting any data that is transacted via such sites. Secure websites include https:// at the start of the URL. Some web browsers such as Firefox and Internet Explorer show a padlock icon as an indication of a secure website, while also showing https:// in the URL. Sessions that include HTTPS are encrypted with a Digital Certificate, preventing the accessibility of the transacted information to unauthorized parties.
Avoid downloading files from untrusted sites
Various websites, including peer-to-peer platforms for sharing files are both illegal and critical sources of malware. Individuals should avoid downloading files from such websites that they do not have complete trust in. Pirate sites various ‘Potentially Unwanted Programs’ and malware that have been designed in such a manner that they are able to defraud or deceive unwitting visitors. ‘Potentially Unwanted Programs’ include ads linked to download managers and popups.
In some cases, use a disposable email account
A disposable email account refers to one opened for application in a single case after which it is disposed, never to be applied for any purpose again. Individuals have the capacity to open numerous free online email accounts, which require a short time to establish. This provides individuals with the opportunity to set up emails addresses that can be used for short-term purposes and disposed thereafter. Such emails make sense in some cases such as during short-term projects, the opening of social networking accounts such as Twitter or Facebook, and during tests of websites and other databases. Basically, such emails come in handy at any time one is not sure of the period that they will use, such as when considering software trials. Consider secure mobile access options
Various online services provide consumers with secure mobile access options, which allow them to access the provided services without exposing their credentials, including login details. Case in point, some banks offer their customers secure mobile access that does not require exposing one passwords or account information. Hence one does not have top store critical personal information such as passwords and account numbers on their mobile devices.
Exit ad tracking
Companies make large amounts of money from advertising, targeting online service users with online ads. While a given level of being targeted by advertisers is expected during online interactions, it is important to consider ways through which one can limit the amount of information that is collected about them. In some cases, consumers are provided with a ‘close ad’ box that they can click to close such advertisements.
Avoid saving passwords in your browser
It is dangerous to rely on the browser to safely keep an individual’s passwords. In cases where an individual is able to gain access to the device used to save the passwords, they can easily log into the accounts whose login credentials have been stored with the browser. As such, as much as such a practice provides users with convenience ion terms of quickly accessing their accounts, it risks their data.
Investigate your online presence
As part of one investigating his or her online reputation, it is important to consider evaluating his or her digital footprint. As such, one should check all the accounts of which they are part of, including those that they no longer use, and the amount of information that has been shared by all these accounts. Establishing the places in which one’s critical information is stored, including the websites that have details of one’s Social Security or credit card numbers. Such an investigation of one’s online presence will allow for the determination of the accounts that are no longer used yet hold important information and to delete them.
Use sandboxing to protect your browser
While most attackers previously designed viruses that would target the operating system of one’s computer, current malware are designed to target the user’s website. There is continuous growth in the approaches embraced by the authors of malware to break into a user’s browser and his or her privacy. “Drive-by-download” is one of the most critical approaches embraced by attackers, which involves a malware automatically installing itself on one’s device as a code when the user visits a website that has been compromised. Sandboxing can be used to fully protect one from such browser exploits that could expose one’s critical information. Sandboxing a website limits its access to the available resources, only allowing it access to those that would allow it to carry out the required tasks. As such, the browser blocks any other software, including viruses, which make attempts to install themselves. Google Chrome is an example of a browser that has input sandboxing as a default setting. The omnipresent Flash plugin has also been sandboxed by the Chrome browser, an aspect that provides users with additional protection. Other browsers may need users to take their own precautionary measures, such as sandboxing.
Be cautious when searching for topics that ate known for malware
It is integral for online users to maintain precautions when searching for topics that are known for malware or spam. This mostly applies to search topics that are extremely popular such as adult-oriented, celebrities, and pharmaceuticals content. Given that a large number of internet users conduct searches on such topics, hackers take advantage of such traffic to come up with fake websites that are solely designed to deposit malicious files in the user’s devices or browser cache upon clicking provided links. It is hence important for internet users to ensure that they visit reputable websites when searching for such popular topics to avoid visiting sites that have been designed to infect their computers with viruses and malware that could be used to steal their personal information.
Consider storing sensitive data locally
As opposed to backing data online in the cloud, internet users should consider storing such information or a removable storage device or locally. One can never be sure of the security measures that have been put in place by the cloud storage provider to protect the confidentiality of the information provided. Storing information such as credit card numbers, addresses, and bank account numbers could expose one to identity theft.
4. Be aware of impersonators
At this point, it is already understandable that as much as the internet may be used for various reasons, including the accessibility of great resources of information and research sources, it also presents various dangers. Pew Research Center conducted a survey on internet usage among teenagers and concluded that out of all teenagers aged between 12 and 17 years, 95 percent used the internet, with 80 percent using social media networks. As much as these social media sites and other websites have developed various initiatives to protect the privacy of users, there are still loopholes that exist, which are utilized by online impersonators. As such, an individual posing as a 16 year old Facebook user could be an adult, who for malicious reasons is pretending to be a teenager. As such, it is important for online users, especially the users of social networking sites to be aware of their interactions online. Individuals should avoid physically meeting individuals that they met online, not unless they personally know such persons. Some of these people could be criminals who are looking for opportunities to perpetrate crime.
To safeguard one from online impersonators, individuals should avoid sharing their personal information with an individual that they met online, including information such as one’s actual names, phone numbers, addresses, credit card numbers, and any other information that could be revealing of their identity or location. In addition, individuals should never share their passwords with any person online as such persons could use such details to log into their accounts and change the passwords, hence impersonate them.
The world is continuously growing into a global community with the expansion of the internet and of sites such as Google and Facebook. As such, it is important when using these internet platforms to consider cross-checking one’s privacy settings and ensuring that personal information is kept away from the public domain. Individuals should also avoid opening any files or links that are attached to emails from unknown persons as they may include malware that would automatically install itself on the computer upon opening such files. Such malware can then be used by online impersonators to steal personal information from one’s computer, which can be used to engage in identity theft and other illegal activities. In addition, individuals should consider limiting their responses to online ads as this could provide attackers with loopholes to send more emails with compromised files.
It is also important to effectively assess the website that one visits to determine their credibility and to avoid visiting websites that would expose them to malware. To assess a website, it is critical to check the validity of the author, and the updated contact information for the organization or the author. Checking the domain name from the address of the website is one of the ways through which a user can check the credibility of the websites that they are visiting. For example, some of the domain names are: .edu for educational organizations, .net for networks, .org for organization, .gov for government, and .com for commercial. Users should not trust any information that they get online blindly. It is important for a user to check the credibility of the involved site and establish whether the site in making attempts at persuading him or her towards a given direction.
5. Properly dispose of personal information
The disposal of personal information is a critical process that requires adherence to appropriate procedures, where such information is in electronic form of paper form, to reduce the possibility of unwanted disclosure. In addition, there is a need to take precautions in cases where an individual is to reassign the control of a device holding personal information to another person. Such devices could include one’s rewritable CDs/DVDs, cameras, USB drives, mobile phones, and computers. Moreover, when taking devices that hold confidential information form repair, it is also integral to remove such important information from such devices to protect such information from being accessed by unauthorized parties. In cases where it is not possible to remove such information before taking the devices for repair, it is important to consider entering a legal agreement with the person repairing the information, which would pronounce them legally liable for accessing and using such information or sharing it with a third party. Prior to the disposal of any IT equipment, it is generally important to remove any licensed software that has been locally installed. Failure to remove such software may lead to a breach of the license’s terms.
Disposal of paper information
Any unwanted paper documents without information that could be deemed confidential can be disposed of by recycling to reduce on waste. Nevertheless, in cases where such documents contain information that is confidential, it is important for an individual or company to start by conducting an assessment of the information to determine the impact that its disclosure would have on the affected persons. If it is determined that disclosure of such information could lead to significant levels of harm, or in cases where the user is not certain of the implications that disclosure of such information, the documents should be destroyed in a permanent manner, whereby they cannot be recovered. Shredding forms one of the most effective approaches through which such documents can be destroyed as it allows for their slicing into micro-pieces that cannot be put together.
Disposal of electronic information
With the increase in information technology, most of the personal information of individuals is stored on electronic devices. While simple deletion of files from an electronic device may be considered an effective way of getting rid of related information, it is evident that some of the information could be recovered using modern techniques. As such, disposal of personal information stored on electronic devices should be conducted using drive level or secure file deletion tools. Free utilities, including “Boot and Nuke” could be used to securely wipe data from PC hard drives in such a manner that such data would not be recoverable. In addition, for Windows users, “SDelete” provides an effective tool that can be used to delete certain folders and files. Another method that could be used to permanently dispose of personal information from electronic media such as hard drives and USB drives involves overwriting the media. this includes erasing the existing content by replacing it with different content. Purging could also be used in some cases, where the media is magnetically erased. This is applicable on magnetic devices such as backup tapes and hard drives. Last but not least, personal information can also be disposed of by physically destroying the storage devices. This could include destroying the hard drive, USB drive, external hard disk, DVD or CD, or tape to a level whereby it cannot be repaired, hence rendering its content unrecoverable.
6. Encrypting your data
Data encryption involves the process through which data is changed from one form to another, or is coded to limit access to such data to authorized parties who are provided with a password or a decryption key that would allow them to open the information in its initial language and read it. Encryption forms one of the highly applicable and reliable approaches through which data can be protected from undesired disclosure. There are two variations of data encryption including symmetric encryption and asymmetric encryption.
What does data encryption do?
Data encryption maintains the confidentiality of digital data both during storage on digital devices and during transmission from one user to another via the internet or offline computer networks. This process involves the use of various encryption algorithms which have been developed in replacement of the old data encryption standard (DES). Such algorithms provide drive key security and confidentiality measures such as non-repudiation, integrity, and authentication. Authentication allows a user to verify the origin of a message prior to processing it, while integrity offers the user proof that the contents of a message have not been altered from the time it left its source. In addition, non-repudiation confirms the source of the message, preventing the message’s sender from denying that he or she sent it.
Data encryption process
The process of encryption starts with the plaintext or the data, which is coded using an encryption algorithm, developing an encryption key. As a result of the encryption process, a cipher text is generated, which can only be visible in its initial language after decryption using the correct key. In the case of symmetric encryption, the same encryption key that is used during the encryption process is used to decrypt the data. This type of encryption is faster as compared to asymmetric encryption. Nevertheless, for the recipient of the message top decrypt it, they must receive the encryption key from the sender. In the organizational setting, this may involve the exchanging of large numbers of keys, an aspect that has pushed more organizations towards using asymmetric encryption to send the developed encryption keys after they have been employed in the symmetric encryption of data.
Asymmetric data encryption, also called public key cryptography, provides a different approach to data encryption. This system utilizes two variant keys, one of which is private while the other is public. While the public key may be shared in the public domain with all people, the private key is protected. Most organizations use the Rivest-Sharmir-Adleman (RSA) algorithm to perform public-key encryption of data that is deemed sensitive, especially in cases where such data is to be shared over the internet and other unsecure networks. The RSA algorithm uses digital signatures to facilitate the encryption of messages using both private and public keys, ensuring the non-repudiation, authenticity, integrity, and confidentiality of such messages.
Solutions for data encryption
Data encryption can facilitate encryption and protection of data, emails, and devices. Nevertheless, the control capabilities of the data, email, or devices are critical in facilitating achievement of such encryption functionalities. Organizations and individuals are faced with the challenge of preventing the loss of data and protecting data as those who have access to the devises used to store and transmit such data use web applications, removable media, and external devices in their daily operations and interactions with the devices. The use of such devices means that such individuals can easily copy information that is considered sensitive onto the devices and share it with the cloud, taking protection and control out of the hands of the company or individual. As such, the best solutions to preventing the loss of data are those that bare targeted at preventing malware introduction and data theft through cloud and web applications, as well as external and removable devices. To achieve such, it is critical to ensure that auto-encryption capabilities are employed in protecting the data, which would ensure that any data that leaves the organization’s devices is encrypted and that a key is required to decrypt it. It is critical for organizations to consider utilizing premier solutions for data loss prevention, which encrypt, block, and warn against the loss of sensitive information in consideration of the context and content of the information, including the recipient’s information, the data class, and the personally identifiable information of the user.
7. Benefits of a strong password
Policies informing the creation of strong passwords have come a long way. Online service users are flooded with a series of passwords that that are expected to remember. Ranging from home security alarms systems, ATM pin numbers, smartphone pass codes, banking accounts, social media accounts, emails accounts, and website logins, users are required to come up with protective passwords. The generation of strong passwords is critical to safeguarding such important systems on which individuals depend on a daily basis. As much as extra complexity could be inconvenient to most users, it should not be a hindrance to the development of strong passwords. There are various reasons why strong passwords policies should be embraced both by individuals and organizations. This section discusses three of these reasons.
Duplicating passwords increases risks of attacks
The escalation of data breaches not only at individual but also organizational level has left the data of most individuals exposed. By using a single password for all accounts, an individual whose data is exposed through a single channel is exposed to an increased possibility of exposure to attacks across his or her accounts. As much as website administrators may notify their clients in a timely manner and institute password changes, such changes are only limited to the website. In the case where the user employs the same password for other accounts and websites, they remain exposed to their information and even funds being stolen as a result of the attacker’s ability to log into the other accounts. Hence, it is critical to ensure that different accounts have different websites so that they can be safeguarded from the risk that may emanate from exposure of a single account’s passwords.
Each character within the password increases strength
The number of characters that are included in a password and their variations play a critical role in improving the difficulty of the password being guessed by hackers. For example, a password of six letter characters could have close to 308,916,776 combinations. Considering such a number, it is difficult for attackers to guess right the correct combination of the password. The more the characters a password has, the more the difficulty. Hence, the importance of a strong password is that it reduces the chances of an attacker correctly guessing the password, as opposed to the common simple passwords such as 123456578 or “password” that can be easily guessed.
Some individuals also use their personally identifiable information, such as their names, date of birth, or Social Security number as password. Such simple passwords fall within the categories that attackers start with in attempts to guess passwords right. In addition, in cases where one’s information may be exposed as a result of an attack, attackers are able to obtain not only one’s password, but the personally identifiable information that it represents. Such information could be used for negative purposes, including identity theft and impersonation.
The use of Multi-factor authentication increases password security
Apart from creating strong passwords, it is important to consider using multi-factor authentication features to increase the protection of systems from data loss or distortion. This would provide the data protection system with an additional layer of protection. With some websites, users are provided with the option of including the restriction of IP address and the use of one-time passwords. If such access requirements are correctly implemented, they can help in achieving heightened protection of user accounts, even in cases where one’s passwords have been acquired by hackers and compromised.
8. How to create a strong password
1. Using two-factor authentication
Two-factor authentication refers to a security system that employs two distinct, but related approaches to verify an individual. With the increased risk of one’s data, including passwords being lost to hackers and other attackers, individuals are more exposed to their personal information being lost when such hackers used such passwords to login to their accounts. This makes it easier for hackers to engage in identity theft and other crimes. Nevertheless, the two-factor authentication approach provides users with an additional protection layer to the reusable password that they may be using to log into their accounts. Combining a private PIN with a random token number, the two-factor authentication generates a passcode that offers users with trustworthy authentication.
Two-factor authentication fits one’s identifying credentials into two of these categories: something that one cannot change (fingerprint or retina scan), something that one possesses (a smart car or a mobile phone), or something that only the protected individual knows (a PIN number or password). As such, one cannot simply employ two passwords to authenticate as they fall within the same category. One has to combine an item from any two of the three categories, such as a password and a fingerprint scan or a PIN number and a smart card. The two-factor authentication process is also art of the everyday lives of most people when they visit and ATM to transact money as they are required to have both a bank card and a PIN number to facilitate the transaction. As such, even if someone had access to one’s bank card, they cannot be able to transact unless they have the individual’s PIN number. Data is commonly secured using Public key infrastructure (PKI) and One-time passwords (OTP).
Two-factor authentication and OTP
OTP refers to a randomly generated single use password that is only valid for a single login session. When a user tries to log into an account that has been protected by two-factor authentication and attempts to authenticate, a temporary password is generated and sent by text to the cell phone of the user. The mobile phone has to have been previously registered to the account and is within the system. This means that even though an individual may have details of a user’s password, any attempts to log in will send an OTP to the user’s phone and not the attempting individual’s phone, making it difficult for such an individual to log into the account, an also informing the user that his or her password has been compromised, allowing for change. As much as OTP can be independently employed in authenticating, it is highly effective when it is included as a part of two-factor authentication structure that requires one to employ an OTP, PIN, and ID to access a given system.
The two-factor authentication system allows for recognition of user devices, allowing any returning log in to a computer or phone to skip the extra step in providing the user with authentication. This allows the user to easily log into a given system without the need to consistently authenticate when operating from the same device. Nevertheless, cybercriminals and hackers face difficulties in login into an individual’s account even if they have access to the password, as they are operating from different account and thus are required to provide a second factor every time they try to log in (Kennedy & Millard, 2016).
2. Using a password manager to remember passwords
A password manager refers to an application or software that stores a user’s passwords for different accounts and managers such passwords to allow for safe log ins and protection from third-party access. The passwords are stored in an encrypted format and the user is provided with secure access to the passwords using a master password. Currently, different forms of password managers have been developed, which differ in the manner that they encrypt the password information, the features they provide, and the type of storage that they offer.
Considering the challenges that individuals face in creating different passwords for each of the accounts that they have, password managers provide a highly effective solution for the management of such passwords. This is especially the case when the passwords developed by a user for various accounts are difficult to remember due to the complexity of character combinations. The password managers allow users to store all these passwords under a single master password. The user is only required to log into the password manager using the master password and the manager automatically enters the log in information into the log in forms of the other accounts. As such, the data is protected from hacker schemes such as keystroke logging, while the user is safeguarded from the need to remember different passwords.
As a result of using password managers, a user can be able to develop unique and strong passwords without the fear of forgetting such passwords and being locked out of their various accounts. Users can efficiently manage the passwords. The manager stores the login information in either the cloud storage or the user’s system local memory. With the use of portable applications for managing passwords that can be installed on mobile devices, users are provided with the capacity to remember and manager passwords anywhere and to easily use their passwords on shared systems without the fear that their passwords would be disclosed to other parties.
There are additional features that are commonly incorporated into password managers, including password generation and automatic form filling. The feature for automatically filling forms, as mentioned earlier, allows for automatic entry of login credentials for given websites every time they are loaded. Apart from protecting the user from keystroke logging, this limits the manual errors that are likely to be made during the entry of logging credentials. In addition, given that such managers are able to automatically link login credentials with the right URL, they provide protection for the login information from phishing sites. On the other hand, the feature for generating passwords allows for the development of random, unique, and strong passwords for the user’s accounts, which have close to no chance of being predicted by hackers.
Different browsers also provide password managers, which save an individual’s passwords and allow for automatic logins. As much as browser password managers have been associated with some security concerns, recent years have seen a ramp up in the level of security that they provide. For example, Chrome users have to be logged in to view the saved passwords as they are encrypted by default. In this case, the browser relies on the authentication that is required of individuals with their devices and when login into their Google accounts for protection against unauthorized access to such passwords. Edge and Safari also rely on the security provided by login requirements for a user’s device, including a PIN in the case of a smartphone and a password in the case of a computer. It is only Firefox browser that provides users with additional security by requiring them to login using a master password in order to access the encrypted passwords. Nevertheless, as much as various safety measures have been incorporated into browser password managers, these managers remain highly vulnerable to various risks as compared to password managers provided by third-parties. Browser attacks could lead to one’s login details for the browser accounts being exposed, granting the attacker unbarred access to the other saved passwords within the browser. The passwords saved in the browser vaults are not protected by much encryption as those that are saved by dedicated password managers. As such, individuals should consider using the latter as opposed to the former. In addition to the security issues involved with browser password managers, these browsers also lack other features that are common with third-party managers, including the random generation of unique passwords.
9. Refrain from oversharing on social networking sites
In today’s society, it is common to have a social media account. With the internet being connected to almost every household, it means that individuals have 24/7 access to their social networking sites. Such sites allow individuals to build relationships and connect with other persons who share in their interests, providing them the liberty to comment, share, and post anything they find interesting. Social networking sites provide users with a profile page that allows them to create profiles of themselves, including provision of a photo and information about them that can be easily viewed by any authorized party. Any individual that is on social media has at a point shared a trending post or posted a personal rant. As much as there is no problem sharing posts and information online, there are people who share too much information about themselves including relationship updates, location check-ins, and day-to-day activities. Even though most of such oversharing is benign and boring for some of those viewing one’s timeline, there are other dangers that may not be readily visible that are associated with such conduct.
Dangers of oversharing on social media
As much as social media networks provide users with platforms to socially interact, making it fun to post photos and status updates online, excessive posting of one’s activities each day poses various dangers, especially in cases where it involves a specific location. Individuals will for sure tag the locations they visit such as the Golden Gate Bridge, Sydney Opera House, or the Eiffel Tower. Nevertheless, the location-based services provided by social networking sites provide some of the most dangerous features. The whereabouts and location of the users are exposed to third parties with much accuracy, providing viewers with real-time details. Considering someone posts updates three times in a day on a daily basis, which could include his or her coffee stop, commute, dinner, and evening out, it would only take a short time for a view to establish a movement profile of the individual. As such, posting updates concerning one’s daily activities and location on a regular basis is likely to provide a potential stalker with all the information that they require to track the user. For younger users of such social media networks, such behavior could land them right in the hands of criminal such as sexual predators, pedophiles, and even murders, who may pose as their friends behind their established profiles.
Open search features
Regardless of the levels of restrictions that one can establish on their privacy settings, social media platforms cannot guarantee that he or she would not be found on the internet. As such, there are two issues of importance when considering the implications of the open search features presented by social media platforms. To start with, all persons could be victims of online attacks even without their knowledge. Thus, sharing excessive information about oneself, including the phone number, credit card number, or addresses, even in cases where private settings are applied, could provide hackers and criminals with the information they need to engage in identity theft. The second issue involves the inclusion in the written terms and conditions of most social networking sites that they own the rights to utilize the content of users, under certain circumstances, in cases where privacy settings have not been set. Given that most of the users of such sites fail to read the ‘lengthy’ terms and conditions, it means that the shared tags, memes, videos, messages, and pictures can be used both for the benefit of the social networking sites or sold to third party advertisers.
10. Securing your social security number
There is an increasing high rate of identity theft cases in the United States as a result of the feeling among individuals that they need to utilize their social security number (SSN) for various day-to-day transactions. Some of these usages of the SSN expose it to the risk of falling in the wrong hands. Importantly, not all the entities that ask for a social security number from their clients really need it. Entities that report to the Internal Revenue Service are more justified to ask for this number as they use it to refer their reports to you. Such entities may include one’s bank or creditors, worker’s compensation, the employer, state unemployment insurance departments, welfare or state departments, and the U.S. Treasury. As much as other businesses and institutions may preserve the bright to request for the SSN, they may not need such information. Unfortunate, refusal to offer such information to some of the businesses or institutions may lead to one being denied some or all of the services or being subjected to additional conditions for the provided services such as additional fees or a deposit. Nevertheless, there are various approaches that one can take to protect his or her SSN.
Another primary measure that individuals should put in place towards protecting their SSN involves leaving the card at home when going out. Considering how rare it could be for one to be required to use the card, it risky to carry it around un a purse or wallet, or to save it on a device such as a phone or laptop. In most cases, one would only be needed to recite the number, hence the need to memorize it. On the other hand, identity thieves mainly target discarded documents and mail. Hence, it is important to avoid throwing away any documents that have an individual’s personal details, including the SSN. Shredding such documents is a highly effective way of disposing them as it leaves them in an unrecoverable state, making it difficult for identity thieves to access the information on them. It is also important for individuals to collect their mails as soon as they are brought in as some individuals may steal such mail and access personal information that could grant them the ability to engage in identity theft or other criminal engagements.
The SSN should never be used as a password for an individual’s account or accounts. As earlier discussed, hackers may be able to steal and decrypt the password file. In other cases, someone may watch as one enters the password. Accessing the password would mean that the thief also has access to one’s social security number, which they can use to engage in various criminal activities. Individuals should also avoid broadcasting their social security number through instant messages or emails. Attackers could intercept email messages and read them even as they are transmitted. Additionally, individuals should avoid leaving voice messages that have their SSN. It is best for any exchanges of the social security number to be carried out in person or through direct calls.