-Change your passwords often and use unique passwords always. Seems obvious but it's such a hassle most people don't bother. The bother is worth it. One good way to see if your password has been stolen is to check this site
https://haveibeenpwned.com/Passwords
which checks your pass against a database of known data breaches. Interesting and useful. If you pass shows up CHANGE IT NOW! I recently bit the bullet and started using LastPass, which stores all your passwords under a single password. It is available as a browser extension and is quite easy to use. Makes life easier AND safer.
-Never, ever, ever go online without using anti-malware, anti-virus and firewall software. Again, seems obvious but many people don't. As much as I hate to say it Microsoft's Windows Defender has matured into a viable option. First thing I do with any new computer is remove whatever trial security software might be there. Most are bloated and many are NOT secure no matter what they claim. I am quite a fan of MalwareBytes as an anti-malware solution.
-Use some manner of adblocker and redirect blocker in your browser of choice. I used Opera for years and loved it for it's small footprint, but now that my equipment has gotten better and memory isn't such an issue I use Firefox for almost everything. Mostly for the security extensions. I use Adblock Plus, Privacy Badger and Skip Redirect and I've had good results.
-Don't be stupid This seems to be the hard one for a lot of people. The rules are pretty simple. If it seems too good to be true, it probably is. Most modern browsers will show you the URL behind a hotlink by hovering over it. If you don't recognize the link or email address, or if the link isn't going where you think it will be going, DON'T CLICK IT! Learn a bit about how links work and keep up a bit with current scams going around. The internet is a lot like walking in a city you don't know. Be aware, be cautious and keep you eyes and brain open.
Another interesting and useful option for Google and Facebook allows you to download a complete copy of your history on the site for review. This WILL result in a very large amount of data, so be warned!!! My Google history resulted in a nearly 10 GIGABYTE download, most of which was Google Drive! You do have the option to choose which services' data you download so you might wish to skip Drive.
-Google allows you to see your activity here. Or you can download it. CNBC has a useful article that will walk you through the steps here. You'll get an email in a day or two giving 1gb sized links to the download. I noticed some redundancy but it's certainly complete.
-Facebook also allows history download. Go to your homepage. Click the down carat (arrow) next to the question mark in the blue toolbar at the top and click "settings" which takes you to "General Account Settings". Below "Delete Your Account" there is an option to "Download a copy of your FaceBook data". It's a slow process which may take a few days, but you'll receive an email to a link. The download can be VERY large, and it's VERY complete.
Anyone else have similar links to other portals? Please post them in the comments.
Question: Is the haveibeenpwned site a way to gather passwords into a massive database to use for bruteforcing passwords?
ReplyDeleteAlso, did you type this post in the nude? I'm asking for a friend from Canada.