With the new year and decade (!) almost upon us, it’s time to sit down and draw up a few aspirational New Year’s resolutions. You might want to hit the gym more, check a few travel goals off your list (even if it may be virtual), or stay in closer touch with friends and family.
We have a few cybersecurity-related resolutions that you may want to consider adding to your list if you haven’t done them already. Some of these will just take seconds, while some may end up taking forever (like updating your devices—we’re joking, almost).
Check out these cybersecurity New Year’s resolutions for 2020:
- Use HTTPS Everywhere
- Start using a secure messaging app
- Start using a privacy-oriented browser too
- Use strong passwords; store them in a password manager
- Use 2FA and MFA wherever possible
- Be wary of public Wi-Fi
- Be more careful about what you share online
- Delete accounts that you no longer need
- Think before clicking on that email link
- Update your devices
- 1 1. Use HTTPS Everywhere
- 2 2. Make the switch to a more secure messaging app
- 3 3. Start using a privacy-oriented browser, too
- 4 4. Use strong passwords and store them in a password manager
- 5 5. Use 2FA and MFA wherever possible
- 6 6. Be more wary of public Wi-Fi
- 7 7. Be more careful about what you share online
- 8 8. Delete accounts that you no longer use
- 9 9. Think twice before clicking that email link
- 10 10. Update your devices
1. Use HTTPS Everywhere
If a website uses HTTPS (indicated by the green lock in the browser bar), that means the data between your browser and the website’s server is encrypted.
There are still plenty of websites that do not offer this basic HTTPS encryption, though, exposing your data to your ISP, your server’s ISP, your Wi-Fi router/operator, and any entity between your ISP and the server’s ISP.
With the EFF’s HTTPS Everywhere extension (available for Firefox and Chrome, and included with the ExpressVPN browser extensions), you can ensure all of the data traveling between your browser and a website’s server is encrypted. You can cross this resolution off in seconds.
- Get HTTPS Everywhere
2. Make the switch to a more secure messaging app
From WhatsApp to Snapchat, messaging apps provide an easy service to communicate with friends, family, and co-workers.
But without encryption, your messages could be read by the company behind the app, third parties, and governments that collect private data on their citizens.
Thankfully, several messaging apps use end-to-end encryption to prevent anyone except you and the intended recipient from seeing the messages’ contents. We recommend getting Signal (available on iOS, Android, and Desktop), because it arguably has the most secure messaging protocol of the lot, is end-to-end encrypted by default, and is entirely open source so its security can be vouched for.
Perhaps the hardest part about using these messaging apps is getting everyone else you message to use the same app you do. But your personal privacy and security are worth it.
- Best messaging apps for keeping your messages private and secure
- How to protect your messaging apps with a password
3. Start using a privacy-oriented browser, too
Ideally your browser should be updated often to protect you from new threats.
We ranked the most popular browsers based on privacy and security, and while Tor Browser came out on top, we found Firefox and Chromium-based Brave to be better suited for daily use. Both are open source and have a variety of content and ad-blocking options.
- The most popular browsers ranked by their privacy and security
- What is browser compartmentalization?
4. Use strong passwords and store them in a password manager
You’ll have heard this before, but “password” is NOT a good password. Neither is your name, date of birth, nor your hometown. Make your passwords more difficult to guess—such as by using a random password generator—and store them in a password manager. That way, you’ll only need to remember the password for your password manager. Just don’t write it down.
- ExpressVPN’s Random Password Generator
- How to use a password manager
5. Use 2FA and MFA wherever possible
One password is simply not secure enough anymore—you’ll want to double up your protection with another pass code. This doubling up of passwords is often called two-factor or multi-factor authentication and is quickly becoming a standard form of additional security required for your accounts. You probably already do this in some capacity with an SMS code sent to your phone or with an app.
- Why should I use two-factor authentication?
- Which two-factor authentication method should you use?
6. Be more wary of public Wi-Fi
There may be a lot of public Wi-Fi hotspots to latch your device onto for free access to the internet. But that often means your online activity is at the mercy of the Wi-Fi provider, which, if unencrypted, could expose your traffic to anyone.
Aside from using a VPN to protect yourself on public Wi-Fi, make sure you’re not automatically connecting to these networks, use data if you can, and avoid submitting sensitive information like your credit card on public Wi-Fi networks.
- What information passes through mobile Wi-Fi networks
- How public Wi-Fi comes at a price to its users
- How to use a VPN to protect yourself on public Wi-Fi
Sometimes it’s hard not to share what you’re up to on Facebook and Instagram or shout into the Twitter void. Be aware though that when you do, there is always a chance that someone can figure out what you’re doing, where you are, and who you’re with.
A lot can be done with that information, not least to phish you, or target you with a social engineering attack. Go through your photos and make them private on social media, or delete your posts altogether if you think it gives too much away.
- How to make your photos more private on social media
- What is social engineering?
- What is phishing?
8. Delete accounts that you no longer use
Facebook no longer sparking joy? Stopped using apps and services you signed up for? Just Delete Me has a useful aggregate of websites and services that helps you figure out if you can delete your various accounts. If you want to #DeleteFacebook or other social media and messaging accounts, we have a guide for it.
- How to permanently delete what Google knows about you
- How to delete all your online accounts
All the security in the world can’t help you if you fall for a phishing attempt. Learn how to defend yourself against phishing attacks and when to question requests for your passwords and credit card information.
10. Update your devices
Finally, and we know it’s a pain, updating your devices will help protect you from malware, software bugs, and zero-day exploits. Just update them, and while you wait, enjoy a break from the screen, too.
What are your New Year’s resolutions for 2020? Don’t tell us!