My Results: Security: How the Internet Works

Protect Yourself from Account Theft

Control access to your devices and accounts with good passwords.

  1. Require a passcode and/or fingerprint verification to access your smartphone and other devices. Set a strong password if you can. (But even a short PIN or swipe pattern is better than nothing.)
  2. Create strong passwords for all of your accounts on apps, sites, and services.
  3. Don't share your passwords or PINs with anyone, even people you trust.
  4. Physically block the view of your keyboard or screen from onlookers when you're entering a password while in a public space.
  5. Use different passwords for different services and devices, especially the ones with the most sensitive information about you. If you’re worried about remembering all of your passwords, you can use password management software that allows you to create one "master password", then does the rest for you:
  6. Don't have your web browser or phone automatically "remember" your passwords.
  7. For your most important accounts, use two-step verification, where the service sends you a code—usually to your phone—when you want to log in. This prevents others from using your account even if they guess your password. You can enter "two-step verification" and the name of the service in a search engine to find instructions.

If a service offers you a choice about your "password recovery questions", don't use information about you that someone could easily get from your social-media profiles, that is otherwise public information, or that is easy to guess because it has a limited set of likely answers.

If a company or website tells you your account has been compromised, take care of it as soon as possible. But be careful; many scammers use fake security notifications (phishing) to breach your security.

  1. If you know one of your accounts has been hacked, change the password immediately, then contact the provider. Use this guide:
  2. Change the passwords for any other accounts that use the same password, or where your account recovery information may be stored in the hacked account.
  3. If you get email or a pop-up message on your screen saying you have a security problem, don't click on any links or buttons in the message! Instead, go directly to the company's or provider's website (type the URL in your browser or use a search engine). Use the provider's Contact page or call them to find out if there's really a problem.
  4. Use this site as a backup to check if any of your accounts have been hacked:
  5. Keep in mind that if a hacker has copied your contacts and profile, they'll always be able to use that information, even if you secure your account against future attacks.

Protect yourself from viruses, worms, and other malware by:

  1. Keeping your software up to date and installing (or at least running) antivirus software on all your devices.
  2. Only downloading files from sources you trust—and that you're sure haven't been hacked.
  3. Doing a quick search on the name of unfamiliar apps or services before downloading or using them. If they're malware or vulnerable to malware, a warning will usually turn up in the top few search results.

Use these resources to help you learn more about basic computer security topics:

Keep in mind that people who communicate with you online may not be who they say they are.

  1. Before sharing information online with someone you know, think about whether or not their online behavior matches their behavior in other parts of your life. If it doesn’t, their account may have been hacked.
  2. If you’re not sure of the identity of a person or organization, call them on the phone (using a number you already have) before sharing anything important or personal.
  3. Use this guide to help you recognize suspicious email messages:

Secure Your Communication Channels

Be selective about using public wifi networks. Wireless networks with “WPA2” encryption are the most secure.

  1. Set your phone or computer to ask you before joining a new wireless network (rather than connecting automatically). Don't join a network if you don't know who's providing it. Ask before you connect.
  2. Try to avoid any wireless network that is not password protected or where many people have access to the password, such as those in coffee shops, and airports.
  3. If you have to use a public wifi network, only login to "HTTPS" websites. Avoid banking and shopping activities. Use these tips to reduce the risk of eavesdropping:
  4. If you frequently use public wireless, consider setting up a Virtual Private Network. VPNs are also useful for accessing a business network remotely, or accessing your home network while travelling.

Whenever possible, use encrypted web browsing.

  1. Look in the address bar to see if the website you are using is encrypted. If it says "HTTP", the website is not encrypted. If it says "HTTPS", the website is encrypted.
  2. If you're not sure whether the mobile app for a particular service uses encryption, try the service using a web browser instead, so you can check for "HTTPS".
  3. Install this browser add-on to open major websites with encryption by default:
  4. If you like a website that isn't HTTPS, tell them about Let's Encrypt.

Note that using HTTPS only protects your communications from hackers spying on the network you're using. The site or app delivering the communication still sees it unscrambled.

There are a number of tools for encrypting specific types of communications, like email, chats, and text messages, so that even the app or site that delivers the communication can't read it. Most of these tools are useful only if the recipient is also using encryption technology and has the key to decode your messages. Use these directories and guides to help you choose encryption tools that work for you:

Cell phones, computers, and other devices are important to our lives, but they can also be used by others to track where we are. If you believe someone is harassing, stalking, or abusing you, it's important to make sure you take the steps needed to ensure your devices are not being monitored.

  1. Spyware can make it easy for perpetrators to stalk, track, monitor, and/or harass victims. Learn how to protect yourself from spyware:
  2. Develop your cell phone safety plan to protect against tracking:

Resources to Learn More About the Topic

Back to Top