Tuesday, September 27, 2011

Ultimate online security explained

Codexero Blog - Ultimate online security explained.

You are probably here because you are concerned about the security and privacy of your online presence. You may be shocked to know that major search engines and social networks like Google, Yahoo, Bing and Facebook keep track of what you search for and which other websites you visit. In this article I briefly cover password security, email encryption and online privacy.



Use a strong password
Use uppercase and lowercase characters together with special symbols. Good passwords are generally more than eight characters long. Make sure you use a different password for every online service. Most password managers, such as Passpack, have built-in strong password generators.


Protecting your passwords and accounts

Enable HTTPS
You may find this option under account settings on some web services. If available, set the option to "Always use HTTPS". If you are not using HTTPS when you log in to a web site, your credentials will be transmitted in plain text. This is highly risky because a WiFi hacker or a network sniffer can easily see your credentials. Therefore, before supplying your credentials to a web site, make sure that the URL starts with https, not http.




Enable 2-factor authentication
Some web services like Gmail, Hotmail and Facebook support 2-factor authentication, which means that you will get a one-time security code by SMS when you attempt to log in with the correct password. You will need to enter this security code to access your account. So even if your account password gets stolen, it would be of no use to the thief. You will find this option under account settings/setup in supported web services.

Use an online Password manager
For this purpose Passpack or Lastpass gets the job done. Both of these services offer free plans. Choose your preferred online password manager to store all your online credentials. Visit the service website and learn how to get started. Make sure the service supports 2-factor authentication. Both Passpack and Lastpass support 2-factor authentication, which requires a Yubikey (a USB device that generates one-time passwords, or OTPs, and costs US$ 25).

If you don't want to spend a few dollars on the Yubikey, your choice might be Lastpass, which provides cross-platform portable software called Lastpass Sesame that generates an OTP. Sesame is only available with the Lastpass premium service (US$ 12/yr as of writing this article). For the cheaper choice I prefer the Passpack free plan with a Yubikey, so you only spend US$ 25 for the Yubikey and that's it. If you are using Passpack, make sure you back up your data and store it in a safe place, in case you lose your Yubikey.

What is an OTP?
A one-time password (OTP) is a unique password which is generated by a security token device or application. Each time you use the device a different password is generated, effectively defeating keystroke loggers. Therefore you don't have to worry about your OTP being recorded, since after you log off, the password used for that session becomes invalid.

Mind your online privacy
Are you aware that some ISPs are injecting their own content into your search results, and that some websites are tracking your online activity? Read on to learn how to defeat them.

Setup OpenDNS

When you type a URL in your browser, your ISP forwards the request to a server which translates the address into an IP address, which is sent back to the browser. Some ISPs hijack Domain Name System (DNS) queries to inject advertisements into your search results. OpenDNS gives you complete control over your internet so that you can filter inappropriate web sites and be protected from malware sites. You can configure your internet router or your PC for OpenDNS. Go to the OpenDNS website to create a free account and learn how to set up OpenDNS for your internet. Please note that some ISPs do not allow you to use third-party DNS.

Stop Cookie tracking


There is a neat little plugin called Disconnect for Chrome and Firefox which will prevent websites from tracking your search results and the other websites you visit. Install this plugin and say goodbye to cookie tracking.

If you want to delete browser history, cookies and auto-complete data, download CCleaner. CCleaner cleans your PC, including the registry, temporary files and browser history.

Email encryption


An email travels over networks before it reaches its final destination server. Emails are often intercepted by hackers and government agencies. And worse, the email provider may hand over your entire email archive to government agencies if requested. Make all your emails readable only to the intended person by using Pretty Good Privacy (PGP) encryption. If you are using Thunderbird as your email desktop client, Lifehacker has a good tutorial on how to set up PGP for the client. If you are using Outlook, go and grab Gpg4win and browse through the documentation to learn how to set up email encryption for Outlook.
