Security is key. With so many people out there wanting to take advantage of others, you must be knowledgeable on how to protect your online identity in order to limit the chances of fraud or theft. Below you can find many tips and tricks to help you start out. Hopefully with the input of others, this will be the go to security thread (not that there's any other alternative).
General/Obvious Stuff
Below are some very simple/obvious tips for beginners on the net. It's unlikely that anyone here is unaware of these but if there are any novices reading, they may come in handy.
Passwords
A strong password is the key to security. Below you can find some tips on how to be password wise.
Making Strong Passwords
There are many great guides out there on how to create strong passwords. A good starting point is this or this.
The Best Passwords
In general, try to use both uppercase and lowercase characters as well as symbols and numbers. Make sure you keep your password no shorter than 9 characters. 12 characters is optimal. It's best to try and use non dictionary words (Password@01 isn't secure). Smart hackers will have all the common pass phrases checked instantly so passwords like the example earlier would be cracked within seconds at most.
Password Managers
Password managers are a God send. If you want truly secure passwords for each site you visit, you'll need to use one. All password managers have a password generating tool and it's recommended you use it for very important accounts. Yes, it can be annoying typing them out on foreign computers (you have auto fill on your own computer) but they can help a lot.
LastPass is a brilliant choice that I personally use. It has plenty of options to play around with and you don't have to worry about not having access to your passwords on other computers as there are mobile apps to use and the option to log into your account from anywhere to see all of your passwords.
You can also check out KeePass and 1Password.
Just remember not to forget your master password and be sure to use something secure! If you want even more protection, LastPass offers the chance to add another layer of verification for a price. This may be an annoyance but if you're interested, click here. There's also a free second layer grid authentication system. You can find more about it from their site but it's pretty annoying to use and can be compromised as it's stored on their server.
Anti-Virus Programs
NOD32 [PAID]
A great light weight anti-virus. Tried it before and it didnt slow my computer down at all and it worked great.
Kaspersky [PAID]
Another very popular anti-virus that offers a lot of protection for most things.
Microsoft Security Essentials [FREE]
My personal recommendation. Not beefy but enough to live on. Completely free and works fine. Surprisingly doesn't have the usual Microsoft bloat you see on their other programs.
AVG [FREE]
The most popular free anti-virus. Not perfect but if you don't want to pay and don't want to rely on the protection provided by Windows, this is one of the best options. Be ready for lots of false negatives though (more than other programs at least).
Avast [FREE]
Never personally tried it but it's fairly popular. I would stick with one of the above though.
Avira [FREE/PAID]
Another popular free anti-virus recommended by a poster in this thread.
There are plenty more anti-virus programs out there that you can check out but the above are the best in the business. Click here to find out more.
Anti-virus programs are great but they're not perfect. Be sure to keep them up to date (they usually auto update) and remember to use common sense (see General/Obvious Stuff).
WARNING: If you want to replace an anti-virus program, make sure you completely delete all traces of it before installing a new one as this can cause some serious issues. Google for specific removal instructions for your anti-virus.
Anti-Malware Programs
Malwarebytes [FREE]
One of the most popular anti-malware programs out there. Definitely recommend this
CCleaner [FREE]
Not really an anti-malware program but this helps keep your computer clean from unwanted cookies. It's a nice addition to your protection.
Securing Your Files
If you have sensitive files you don't want others getting a hold of, you can encrypt them so that they can only be accessed with a password.
TrueCrypt is a free open source piece of software that allows you to encrypt your files. Probably the most popular option out there and the most flexible.
AxCrypt is another option. There's a portable version to take with you incase you want to decrypt a file on a foreign computer. This allows the decryption of single files or folders. Less flexible than TrueCrypt but may be more user friendly.
HTTPS
Several sites offer a secure connection that you may not be aware of. No idea what HTTPS is? Click here to find out more.
Don't want to enable the feature for each site separately? Try this Firefox extension or this if you're a Chrome user.
Facebook
Enable HTTPS
Go to Account > Account settings > Account security
This helps protect yourself from hackers trying to intercept your connection with Facebook. However, it may also stop certain applications from working.
Privacy Settings
There are many, many settings to play around with for your account. Sadly, most people neglect these and leave their information open to the public.
Got to Account > Privacy settings > Customise settings
Edit all options to your liking to help keep your information safe. To make this easier, it is recommended to make several groups for your friends (e.g. acquaintances, close friends and family). That way you can personalise your privacy settings so that certain groups only see certain things. It is highly recommended to make no information available for everyone to see. If you must, only let the public see enough information so that only your friends recognise you (e.g. your favorite tv shows).
Twitter
Enable HTTPS by going to Settings > HTTPS only
Gmail/Google Accounts
Enable HTTPS
To enable this on your gmail, go to Settings and click on 'Always use https'
Enable 2 Step Verification
2 step verification gives your google account a second layer of security so that even if a thief/hacker gets your password, they wont be able to log into your account. Click here to read more.
Google Search
Use the encrypted search engine by visiting: https://encrypted.google.com/
Steam
Pretty much all PC gamers out there are likely to have Steam installed. If you want an extra layer of security for your account, you can use a feature called 'Steam Guard'. Like Googles 2 step verification, you can only log into your account from a different computer if you have a certain key which is emailed to you. Click here for more information.
NoScript
NoScript is a firefox plugin that prevents sites from carrying out any sneaky moves. You can set it to control certain sites or to apply to everything. This can help with things like the Facebook ClickJacking spam (where you click on a link posted by a friend and it automatically spams your wall). You can check it out here.
Privoxy
Privoxy is an online proxy that helps protect your privacy. It limits the information sent to sites about you. Click here on information on how to set it up (skip the stuff about Hamachi if it's for your home computer).
Extra
General online security guide [ARTICLE]
Watch what you post online [VIDEO]
Quick Recap
If there's something I've missed that you want to included, tell me. If I've made any mistakes, be sure to point them out. Hopefully this will be of help! The main aim of this thread is to provide a place for general security talk and a place to go to for the latest information.
General/Obvious Stuff
Below are some very simple/obvious tips for beginners on the net. It's unlikely that anyone here is unaware of these but if there are any novices reading, they may come in handy.
- You're not the 1,000,000th visitor to fr33giftz.com. Don't click on any competition ads. Better yet, don't click on any ads as they're likely to install cookies or other crap that you don't need on your computer
- Try not to use any identifying details on the net. Feel free to use fake details
- Don't go on sites that seem sketchy
- Don't go downloading everything you find on the internet. Try to stick to popular/well known sites and only download things that you need
- Sharing pictures of yourself online is all good but be careful. Yes they can be a security issue but I've put this here as it can be more of a nuisance. The same goes for things you write. When you put something on the internet it can be very tough to completely eradicate
- If you don't want people to easily track you down, don't use the same username on every site you sign up to. Also, hide your email address everywhere possible
Passwords
A strong password is the key to security. Below you can find some tips on how to be password wise.
Making Strong Passwords
There are many great guides out there on how to create strong passwords. A good starting point is this or this.
The Best Passwords
In general, try to use both uppercase and lowercase characters as well as symbols and numbers. Make sure you keep your password no shorter than 9 characters. 12 characters is optimal. It's best to try and use non dictionary words (Password@01 isn't secure). Smart hackers will have all the common pass phrases checked instantly so passwords like the example earlier would be cracked within seconds at most.
Password Managers
Password managers are a God send. If you want truly secure passwords for each site you visit, you'll need to use one. All password managers have a password generating tool and it's recommended you use it for very important accounts. Yes, it can be annoying typing them out on foreign computers (you have auto fill on your own computer) but they can help a lot.
LastPass is a brilliant choice that I personally use. It has plenty of options to play around with and you don't have to worry about not having access to your passwords on other computers as there are mobile apps to use and the option to log into your account from anywhere to see all of your passwords.
You can also check out KeePass and 1Password.
Just remember not to forget your master password and be sure to use something secure! If you want even more protection, LastPass offers the chance to add another layer of verification for a price. This may be an annoyance but if you're interested, click here. There's also a free second layer grid authentication system. You can find more about it from their site but it's pretty annoying to use and can be compromised as it's stored on their server.
Anti-Virus Programs
NOD32 [PAID]
A great light weight anti-virus. Tried it before and it didnt slow my computer down at all and it worked great.
Kaspersky [PAID]
Another very popular anti-virus that offers a lot of protection for most things.
Microsoft Security Essentials [FREE]
My personal recommendation. Not beefy but enough to live on. Completely free and works fine. Surprisingly doesn't have the usual Microsoft bloat you see on their other programs.
AVG [FREE]
The most popular free anti-virus. Not perfect but if you don't want to pay and don't want to rely on the protection provided by Windows, this is one of the best options. Be ready for lots of false negatives though (more than other programs at least).
Avast [FREE]
Never personally tried it but it's fairly popular. I would stick with one of the above though.
Avira [FREE/PAID]
Another popular free anti-virus recommended by a poster in this thread.
There are plenty more anti-virus programs out there that you can check out but the above are the best in the business. Click here to find out more.
Anti-virus programs are great but they're not perfect. Be sure to keep them up to date (they usually auto update) and remember to use common sense (see General/Obvious Stuff).
WARNING: If you want to replace an anti-virus program, make sure you completely delete all traces of it before installing a new one as this can cause some serious issues. Google for specific removal instructions for your anti-virus.
Anti-Malware Programs
Malwarebytes [FREE]
One of the most popular anti-malware programs out there. Definitely recommend this
CCleaner [FREE]
Not really an anti-malware program but this helps keep your computer clean from unwanted cookies. It's a nice addition to your protection.
Securing Your Files
If you have sensitive files you don't want others getting a hold of, you can encrypt them so that they can only be accessed with a password.
TrueCrypt is a free open source piece of software that allows you to encrypt your files. Probably the most popular option out there and the most flexible.
AxCrypt is another option. There's a portable version to take with you incase you want to decrypt a file on a foreign computer. This allows the decryption of single files or folders. Less flexible than TrueCrypt but may be more user friendly.
HTTPS
Several sites offer a secure connection that you may not be aware of. No idea what HTTPS is? Click here to find out more.
Don't want to enable the feature for each site separately? Try this Firefox extension or this if you're a Chrome user.
Enable HTTPS
Go to Account > Account settings > Account security
This helps protect yourself from hackers trying to intercept your connection with Facebook. However, it may also stop certain applications from working.
Privacy Settings
There are many, many settings to play around with for your account. Sadly, most people neglect these and leave their information open to the public.
Got to Account > Privacy settings > Customise settings
Edit all options to your liking to help keep your information safe. To make this easier, it is recommended to make several groups for your friends (e.g. acquaintances, close friends and family). That way you can personalise your privacy settings so that certain groups only see certain things. It is highly recommended to make no information available for everyone to see. If you must, only let the public see enough information so that only your friends recognise you (e.g. your favorite tv shows).
Enable HTTPS by going to Settings > HTTPS only
Gmail/Google Accounts
Enable HTTPS
To enable this on your gmail, go to Settings and click on 'Always use https'
Enable 2 Step Verification
2 step verification gives your google account a second layer of security so that even if a thief/hacker gets your password, they wont be able to log into your account. Click here to read more.
Google Search
Use the encrypted search engine by visiting: https://encrypted.google.com/
Steam
Pretty much all PC gamers out there are likely to have Steam installed. If you want an extra layer of security for your account, you can use a feature called 'Steam Guard'. Like Googles 2 step verification, you can only log into your account from a different computer if you have a certain key which is emailed to you. Click here for more information.
NoScript
NoScript is a firefox plugin that prevents sites from carrying out any sneaky moves. You can set it to control certain sites or to apply to everything. This can help with things like the Facebook ClickJacking spam (where you click on a link posted by a friend and it automatically spams your wall). You can check it out here.
Privoxy
Privoxy is an online proxy that helps protect your privacy. It limits the information sent to sites about you. Click here on information on how to set it up (skip the stuff about Hamachi if it's for your home computer).
Extra
General online security guide [ARTICLE]
Watch what you post online [VIDEO]
Quick Recap
- Install an anti-virus
- Install some anti-malware
- Don't post your real details online. Use a temporary email if you don't want to use yours
- Always hide your email when given the choice
- Use a different username for each site
- Use passwords that are at least 9 characters long with lower and upper case characters, symbols and numbers
- Don't visit dodgy sites and be smart
If there's something I've missed that you want to included, tell me. If I've made any mistakes, be sure to point them out. Hopefully this will be of help! The main aim of this thread is to provide a place for general security talk and a place to go to for the latest information.
I was not aware of programs like LastPass.
