
Staying Safe Online: Optimising Personal Internet Security

A 10-step guide to help you improve your online security and optimise your setup to stay safe online.

1. Use A Reliable Email Service Provider

Your email account is your unique personal identifier for online accounts. Make sure to use a reliable email service provider to host the email account that you use to create additional accounts online. I recommend Gmail / Google Apps for Business.

2. Always Use Strong & Secure Passwords

It's crucial to always use strong and secure passwords for all your online accounts. You can use an app like 1Password or a website like strongpasswordgenerator.com to generate strong passwords. Both these options have a password strength indicator to help you craft a strong password. A strong password has 10+ characters and includes capital letters, lowercase letters, numbers and symbols.

Avoid using names, birth years, brand names or any word in the dictionary. Ideally, randomly generate a strong password or create your own using a memory trick. For example, use the first letter of each word of your favourite song title and then replace certain letters with numbers and symbols.

3. Use A Password Manager App

Use a premium password manager app like 1Password to save, manage and back up your passwords. Do not use a free app and do not save your passwords in your browser (Chrome or Apple Keychain).

Make sure to set up the sync and backup features that regularly create encrypted backups of your passwords and save them to the cloud (for example Dropbox).

1Password also lets you save other sensitive information including credit card details, passport information, and secure notes and files. This app is available on Android, iOS, Windows and Mac OS and syncs across devices for convenience. It also works with fingerprint scanners for convenient access.

Q: What is a password manager app?

An app that lets you save, protect, manage and back up your passwords and sensitive information in an encrypted vault that you access using one single master password. Using an app makes it simple to use strong and complex passwords without needing to remember them all.

4. Activate & Use Two-Factor Authentication

Where available, make sure to activate and use two-factor authentication (TFA). This lets you add an extra layer of security to your accounts. When logging in, in addition to your username and password, you will need to provide a one-time PIN or password.

Depending on the system you are using, this might be sent to your mobile phone or to a TFA app like Google's Authenticator app. Google, Dropbox, Dreamhost and Stripe are some online services that offer two-factor authentication.

Follow this link to activate TFA on your Google account.

5. Avoid Using Public Computers

Avoid using public computers (found in Internet cafes, backpacking hostels, libraries and airport lounges) to log in to your accounts, make purchases or do online banking.

Public machines may contain keylogging software. This software secretly records your activity, including any text and passwords that you type on the keyboard, and sends it to a hacker.

Instead, use your personal laptop or mobile phone.

6. Use A VPN On Public Wifi Networks

Make sure to use a premium virtual private network (VPN) when using your device on public wifi networks including hotels, hostels, airports and malls.

A VPN encrypts and protects your information as it is sent and received from your device to the network. A VPN will also let you connect to the web using your preferred location-specific server. If you are travelling, for example, and you'd like to access a website that is only available in the US, then you can simply connect through a US server to bypass this restriction.

There are many VPN options to choose from. Avoid using a free VPN as these may collect and sell your personal information. I'm currently using VyprVPN by Golden Frog.

7. Never Click Untrusted Links

Never click on untrusted links in an email, on social media or inside other apps like Skype or Facebook Messenger.

If you don't know the sender or if the message seems out of place, then delete it. Instead contact the person using another method and ask them about the link they sent. 9 out of 10 times you'll find out that their account was compromised and that the email (with the link) was automatically sent out to all their contacts, including you.

8. Only Use Trusted Online Banking Websites And Apps

When doing your online banking, make sure to use the official websites and apps. Also make sure that the website you're using is encrypted and uses https:// instead of http://.

Never access your financial websites (banking, PayPal, Stripe, etc.) by clicking through a link in your email. Always type in the URL or search for the official website on Google to make sure you land on the correct site.

Also, if you are using 1Password, then you can use the browser extension, which lets you log in to your favourite websites with a single click after unlocking your vault. Using the browser extension to log in adds an extra security check, because the 1Password app will only automatically fill in your details and log in if you are on the website that is linked to the login information.
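A simplified model of the check described above, added here as an illustration and not 1Password's actual code: the saved login is filled only when the page is HTTPS and its host and port equal those stored with the login. The function names and the `.example` and `.test` URLs are constructed for the example.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"https": 443, "http": 80}


def _origin(url: str):
    """Return (scheme, host, port) with default ports applied, or None."""
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError:
        return None
    # .hostname drops any "user@" prefix and lowercases the host, so a
    # familiar name placed before "@" does not count as the host.
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return None
    return parts.scheme, host, port or DEFAULT_PORTS.get(parts.scheme)


def autofill_decision(saved_url: str, page_url: str) -> str:
    """Decide whether a login saved for saved_url may be filled on page_url."""
    saved, page = _origin(saved_url), _origin(page_url)
    if saved is None or page is None:
        return "refuse: unparseable URL"
    if page[0] != "https":
        return "refuse: page is not HTTPS"
    if page[1] != saved[1]:
        return "refuse: host does not match saved login"
    if page[2] != saved[2]:
        return "refuse: port does not match saved login"
    return "fill"


if __name__ == "__main__":
    saved = "https://www.bank.example/login"  # constructed saved login
    for page in (
        "https://www.bank.example/account",
        "http://www.bank.example/login",
        "https://www.bank.example.secure-login.test/",
        "https://www.bank.example@login.test/",
    ):
        print(f"{page:48} -> {autofill_decision(saved, page)}")
```

A page that looks identical to the bank's site still fails the host comparison, which is why a manager that declines to fill is a signal to stop and check the address bar.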

9. Never Share Your Sensitive Information With Untrusted Individuals or Websites

There are numerous ways hackers try to get your sensitive information - via email phishing attempts, via keylogging software and even via the phone.

If someone calls you claiming to be from a financial institution that you're a client of, make sure that they are in fact who they claim to be. If you are unsure, hang up the phone and contact the company using the official contact channels/phone number to make sure you reach the correct person.

10. Avoid Getting Scammed

If it's too good to be true, it usually is - and it's most likely a scam. If you receive an email from a wealthy Nigerian prince that wants to wire you USD $800 000, delete the email and don't reply.

If someone you know contacts you claiming to need financial help due to an overseas emergency, contact them directly. You'll most likely find out that they're not even travelling.

If a handsome man on a dating site charms you into a cyber relationship and asks you for financial support so he can fly to you to live happily ever after, the man is probably not who he claims to be and he will happily take your donations and never come visit. Don't get misled.