10 general tips to help you stay safer online:
1. Never click on ads or links (links) that you are not looking for. If you look for something, never assume that every website is safe. (For example, many websites that link to popular keywords like “free” or “lyrics” can be dangerous.) Only visit well-known and established websites because they have a reliable security foundation.
2. Bookmark the websites you frequently visit to avoid misspellings, which can lead you to phishing websites. For example: Instead of going to the official website www.facebook.com, you can accidentally visit malicious websites like www.faceboook.com or www.facbook.com.
3. If you receive suspicious emails and attachments, always reconfirm with the sender using another communication channel before opening the document. Chances are this email was not sent by themselves.
4. Never believe emails or texts that sound “too real”. They can be sent from bad guys trying to install malicious code on your computer and steal passwords or other sensitive information. (For professionals, it is possible to download these files using a virtual machine (Virtual Machine) to isolate the risk – but this is also a great risk for those who do not really understand what they are do).
5. Always use multi-factor authentication wherever possible. Check for additional information regarding “my activity” or “account activities” to track possible risks with your account.
6. Do not share passwords for online services. If the bad guys get your generic password, they can gain access to other accounts. Each important service should have its own unique password. (For example, use the “Spider’s Web” method below)
7. Avoid using simple and easy to guess passwords like: words from a dictionary – “password” – or your username (username). “123456” and “qwerty” are also bad passwords. Avoid using personal information as passwords because they can be easily guessed: for example, date of birth, name of a relative, phone number, pet’s name… Also avoid sharing your password. others.
8. Taking note of your passwords can help prevent you from having to remember them, but it also comes at your own risk. Storing those passwords in email or on your device is very dangerous. If you really want to record your passphrases, make sure you write them down in a way that only you can understand (in case this information falls into someone else’s hands).
9. Avoid posting sensitive information on social media accounts, bad guys can take advantage of this information to attack you or your relationships.
10. Change the default passwords on all your devices or software to new passwords with high complexity. The bad guys are always looking for easy ways to attack you, which include using the default password list of the manufacturers (for example, the default password of the wifi router might be “password”, “Admin” or “123456”).
In addition to the above tips, below I will share more specific information to help you secure your account, the web browser (Browser), the operating system (Operating Systems), data (Data), the data connection (Communications and Traffic).
ACCOUNT SECURITY METHOD
Passwords are the most important thing you need to pay special attention to, things will get very bad if your credentials fall into the wrong hands. This is also the most common way to protect your account. In this section, you will learn how to create a good and strong password – preferably longer than 8-10 characters – to prevent the bad guys from guessing or cracking your password. You will also learn about password managers, multi-factor authentication apps and other tips for protecting your online accounts: email, social media accounts. , cloud storage…
Concept Spider’s Web Password Generator
I’ve come up with a very simple, secure, convenient and completely free password generation method called “Spider’s Web”. No need to install applications, no need to log into the website to use, all you need is just paper and pen (or can also use Microsoft Word).
Figure 1: An example of “Spider’s Web”
Figure 2: An empty copy of “Spider’s Web”
In Figure 1, we have 4 circles, each circle has 16 cells and each cell contains a random letter (capital or lower case, number or special character).
Going from the outside to the inside, circle 1 and 3 contain capital letters and numbers. These circles contain the master password, which is a simple password that you will need to remember. Note: in this circle of number 1 and number 3, the characters and numbers must be different, must not be duplicated. You do not need to use special characters in circles 1 and 3 as this will make the root password difficult to remember.
The 2nd and 4th circles contain letters, numbers, and special characters, these characters are not bold. This is the part to create passwords for your computer or online accounts such as email, social networking accounts. By using this method, you can generate complex passwords without having to remember them.
For example, you can use the short name for the online service you need to use in addition to your original password to create a separate password for each account. If you are creating a new Youtube account, you can combine a Youtube acronym such as “utube” with your original password, such as “vietnam”. As a result, you will generate a new phrase “UTUBEVIETNAM”, then you use the 2nd and 4th circles in Figure 1 to find out your “Spider’s Web” password. If you look for the letter “U” in the 3rd circle, you will see that it corresponds to the letter “^” in the 4th circle. The “T” in the 1st circle matches the letter “1” in the circle. 2nd circle. Just like that, the last result you get from the root password “UTUBEVIETNAM” corresponds to “^ 1 ^% Rz7R1E8h”. This is the password you use for your Youtube account.
The picture above is just an example to show how to use it. You need to create your own “Spider’s Web” from the blank image (Figure 2) I provided above. Just make sure that the 1st and 3rd circles contain all the characters you plan to use to generate your root passwords. You can create your own versions by hand, or use Microsoft Word, which allows you to design a “Spider’s Web” with a flexible number of tiles that can be customized to your liking. Either way, when you’re done, be sure to keep copies – you can keep them at home, in your wallet, store and phone… (make sure to take care of them though. be careful not to get lost or exposed).
You can also create more ways to generate passwords from “Spider’s Web”. For example, still using the same basic approach as above, the root password for Facebook could be: FBVIETNAM. Instead of using the method in the above step, you can jump forwards or backwards with the cells in the 2nd and 4th circles. For example, in Figure 1, the root password begins with the letter ” F “in the first circle, instead of using the letter” @ “, you can go forward 1 cell and use the letter” v “in the second circle. And so on, the end result the same received would be “v! 7WYfXlB”.
Another way is “jumping the circle”. If your Gmail password is GMVIETNAM, you will start with the letter “G” in the third circle. Instead of using the letter “6” in the 4th circle, you can jump back to the 2nd circle. and use the character “f”. Continuing to do so, you should finally have output: “f% 2aY $ alXJ2%”
There are countless ways to use “Spider’s Web”, the more complex it is, the more secure you will be. But make sure you remember the rules for generating passwords. You can use this method to improve the security of security questions commonly used in password recovery. Password recovery questions are easy to guess or crack, using “Spider’s Web” you can generate answers that are random, hard to guess, but easy to remember.
Password management software
In addition to how Spider’s Web is used, there are many other programs that support centralized password storage and management: LastPass, KeePass, Bitwarden, 1Password, DashLane Password Safe, Password Gorilla and Roboform. Some of them are cloud-based applications and can be used on many different devices, some of them can only be used on the installed device. Those who don’t trust cloud-based password managers can use offline software like Diceware. Besides providing us with tips for creating strong passwords, the management software also helps us encrypt passwords. You only need to remember a single password that is the master password and never forget it.
Multi-factor Authentication Options
Multi-factor Authentication (Multi-factor Authentication) helps improve the security of your account, use this feature on any supported platform (Gmail, Facebook…). You can use this feature for your online accounts using two-factor authentication services like Google Authenticator or Duo Security. When you log in to your account, these tools will automatically send you an authentication code via SMS or through their apps.
Several companies are also developing authentication methods that use biometrics such as fingerprints, retina, voice, or facial recognition. They can be used to access your device or confirm payments like Alibaba or Apple. If you don’t want to use the biometric authentication option then the best option is still the password.
For those who want to explore more about this, there are hardware devices that support multi-factor authentication: MobiKey’s Two-Step Authentication USB, NitroKey and Yubikey U2F. These devices create a secure connection with your device without going through a virtual machine. In addition, there are cards with special security chips like qwertycards.com
SECURITY WEB BROWSER
There are many types of secure web browsers on the market today such as Brave, Comodo Dragon, Epic Browser, TOR Browser or popular ones like Firefox Quantum, Microsoft Edge and Google Chromium. Most web browsers offer privacy and security options, such as hiding your real IP address, or detecting suspicious cookies that are tracking your online activities. But the problem is, when choosing a browser, the more popular that browser is, the more it will be the main target of hackers, cybercriminals and spies to find vulnerabilities and insert malicious code into the device. your device.
HTTPS Everywhere is a great addon for web browsers like Firefox, Chromium, and Opera. It ensures that the connection between you and the website is secured by encrypting the connection using Transport Layer Socket (TLS) or Secure Socket Layer (SSL) protocol. This helps prevent others from eavesdropping on your connection. This is the current best solution, but it doesn’t completely prevent eavesdropping either. Hackers can use a hacking technique called “man-in-the-middle”, where stealing or tampering your TLS / SSL certificate will allow them to interfere with the connection between you and your website. connect.
There are a number of add-ons that are also very useful in blocking ads, cookies… such as Ublock Origin, Adblock Browser, FlashBlock, Disconnect, Privacy Badger, Ghostery and NoScript. They can prevent online activity from being tracked, or lure you into accessing malicious websites.
SECURITY OS (OS)
Like a browser, no operating system is perfect. Each operating system has its own strengths and weaknesses. For example, the Microsoft Windows operating system has a lot of powerful protection features, but because it is so popular and has a huge user base, it has always been a primary target targeted at the bad guys. There are also guest operating systems like Whonix, Qubes, TAILS, Ubuntu, RedHat, Mac OS, Google Chrome OS and Gallium OS. Mobile operating systems include Google Android, Apple iOS. Mobile operating systems are becoming an attractive target for hackers because everyone owns a smartphone today. The key to keeping you out of hackers’ sights is to regularly update new versions of your operating system and other software.
Besides choosing the right OS there is also a lot of software to help protect us. Includes solutions to encrypt data or encrypt entire hard drives such as Viivo, Veracrypt, BitLocker, FileVault, WinMagic, and Whole Disk Encryption. The most popular are anti-virus software, famous names can be mentioned: Cylance, Kaspersky, Norton, AVG, BitDefender, Malwarebytes, McAfee… They help detect, isolate, remove viruses and other types of malware. other. However, relying on the software alone is not enough. It is important to disable the “auto-run” feature on your device to make sure viruses or other malicious code are not executed automatically or run from a device such as a USB flash drive. The golden rule of thumb is to always scan for portable devices like USBs, CDs… with anti-virus software.
Some other useful tips:
- To minimize the risk, keep all software up to date. If software you don’t use, remove them.
- Turn on the “auto-update” feature on your device to help the operating system automatically update to the latest patches to help combat security risks.
- Unless you know what you’re doing, don’t jail break your device.
- Always download software from reputable and trusted websites. If you are not looking for a piece of software, be careful not to be tricked into installing fake antivirus software.
- Always use a firewall. This is usually a feature available on the operating systems, which will help prevent invalid connections to your device. There are also plenty of third-party software out there that cater to this need.
DATA SECURITY AND CONNECTION
Today, hackers, cybercriminals and spies have tools to track and record your calls, messages, photos and emails. It will be helpful if you are equipped with the knowledge to combat these risks. Fortunately, connection encryption services are increasingly popular, widely adopted and easy to use. They can help encrypt messages, calls, emails, and shared files. A few popular platforms: Signal, Wickr, Redphone, Telegram, ProtonMail, PGP (Pretty Good Privacy), and many more. However, the end-to-end encryption communication service works only when two people (or more) agree and use the same service. You also need to always make sure that the person you think you are talking to is exactly the person you want to talk to. To be more careful, use cryptophones, phones with built-in encryption.
Backup data is also an important security measure but needs to be done securely. In recent years, cloud storage has become ubiquitous. Popular providers include: Dropbox, Google Drive, Amazon AWS. The benefit of backup is to protect against risks such as hard drive failure, virus infection or device theft. Some services support data encryption for you, but you should encrypt your data yourself before uploading them. Those who require more privacy can build their own hosting solution using private servers (private servers) or virtual servers (VPS – Virtual Private Server) and platforms like Docker Hub, NextCloud , OwnCloud.
For those who do not trust cloud services, or want additional layers of protection, other backups can store their important data on a hard drive or other encrypted device. For extremely important documents, you can also print them out as hard copies and carefully store them.
Some useful tips:
- By reading the Term of Service (TOS) of an online service, you’ll get an idea of what you’re dealing with. Nothing in this world is free, everything has its own hidden costs, and it’s up to you to decide whether to use it or not. All you need to do is be very careful.
- Before buying a “smart” device, consider first whether it is safe to use for your home. Usually, you can make adjustments to these privacy-related features. Devices like Amazon Echo or Google Home will constantly record, you should not say anything too sensitive because they will be kept by the company or transferred to another unit.
- Cover your webcam or camera with a piece of black paper when you’re not using them. This will help prevent others from spying on you.
- Wifi security is also very important to help prevent data eavesdropping on your Internet access. Important Notes: Use strong passwords, stay up to date with the latest firmware versions, turn off Wifi Protected Setup (WPS) and use a Wifi router with the latest security features (e.g. encryption). Sensitive data can also be recovered from old hard drives. To make sure they don’t fall into the hands of others, use software like WipeInfo.
SECURITY INTERNET CONNECTION
The options below help you to protect your Internet access. They can protect your identity and protect you from snoopers. You may think they will be difficult to apply, but in reality, these are very simple solutions to help protect your privacy.
Virtual Private Network (VPN)
VPNs are often used by businesses when they want to allow their employees to access the company’s servers over a secure network. Employees can work safely when they are out of the office. VPN is also the simplest way to stay secure when using Wifi – no matter where you are and no matter how less secure the WiFi network you are using. VPN has a lot of features: it helps you protect your real IP, encrypts data on your Internet connection, which will mess with eavesdroppers or administrators connecting to public Wi-Fi that you connect to. connection (eg cafe, airport lounge…)
Few reputable VPN service providers: F-Secure Freedome, NordVPN, ProtonVPN and Sprint Secure Wifi. After you purchase a VPN service, the service providers will provide you with instructions for use and login information.
Proxies (Proxies) are a fairly simple way to protect your privacy, but they have poor connection quality and are often handy for personal tasks or temporary activities. Proxies services are usually free, while many proxies services are subscription-based.
The Onion Router (TOR)
TOR is a great alternative to proxies. This is an independent technology project by the United States Department Of Defense (DOD), and is supported by many other groups. TOR helps protect your Internet connection by using its algorithm to hide your real IP address. TOR is not an absolute security technology, the FBI proved this by “turning off the power” of the Silk Road system and arresting its admin. But if you are citizens “live and work according to the law” and just want to protect your Internet connection from the eyes of curious people, then you can use TOR freely. You can even contribute to the overall development of the TOR, simply by using it. The more people join the network, the more secure it is.
Virtual Machine (VM)
Another way to protect your access is to set up a virtual machine on your computer. This allows you to emulate another computer system, with the operating system and other software as usual, on your hardware system. One advantage of this is that there is no costly purchase of a new computer. But its main benefit is that it isolates your real system and avoids disclosure of information like your hard drive’s MAC address and Serial Number. It creates a more comfortable environment for you, especially when you want to do some protection for your real machine from being snooped on or infected with malware.
You can set up a virtual machine using software like Oracle VM Virtual Box, VMware, or QEMU.org. For example, if you use a free Oracle service, you can choose to set up your virtual machine using Linux OS, Windows OS, or Mac OS. There is a lot of information out there that gives you more detailed instructions on virtual machines and how to set them up. If you have multiple hard drives, you can create multiple virtual machines to use for a variety of purposes. You can even set up an identical version of the virtual machine you are using on a removable device like a USB, or set up a virtual machine on the Internet and be able to log into them using smartphone.
Virtual Private Server (VPS)
A virtual server (VPS) is like a virtual machine (VM), it does not require you to set up a real server to be able to protect your connection. Setting up a physical server can be a lot of time and money, whereas VPS can be purchased at very low prices from hosting providers. A few popular hosting providers: Amazon AWS, SAP, Heroku, Rackspace, DigitalOcean and Dreamhost. A VPS helps provide an extra layer of security, similar to how VMs support. It helps you avoid leaking real information of your computer such as MAC address, Serial hard drive, and IP address.
Combine your options
Depending on your level of security and what you want, you can combine multiple methods in different ways. However, the more layers of protection, the slower your Internet speed will be, you need to consider and balance your needs. Many people have used this model:
Your device → VPN → Internet
But you can get creative and add more layers of security. Two other models that I recommend include:
Your device → VPN → TOR → Internet
Your device → VPS → VPN → Internet
Those who need even more privacy can even use the model
Your device → VM → VPS → VPN → TOR → Internet
There are countless models you can choose from, be creative. None of them are perfect, but at least they will make it more difficult for the bad guys.