There are add-ons, VPNs and apps galore that offer a safer browsing experience — but the browser you use, and the sites you visit, offer strong but simple security tools, too. Here are the best of the no-hassle, no-install-required options that you should be using now.
Image via jeff_golden
Stash Your Passwords the Safe Way
Firefox can save your passwords, but does so insecurely, so that anyone who grabs your laptop, or digs into your files, can read them. So be sure to enable the Master Password, and while you’re at it, install Master Password + for a less-annoying, more-secure tool.
Chrome can save your passwords, too, and also sync them through the Google cloud to any other Chrome browser you use. But be sure to protect your passwords with a passphrase.
Internet Explorer, even in its pre-release ninth version, doesn’t offer much in the way of password protection, beyond a toggle to ask you before saving each password. You’re best off getting friendly with LastPass.
Enable HTTPS and Better Security Everywhere You Can
Most sites that you’d want to use now offer an encrypted connection option, usually termed as “HTTPS” or “SSL”. If a site doesn’t have that option, and it’s holding your personal data, consider whether you really need to be using that service. Here are the services for which you should definitely enable the secure/https option:
Gmail: Secure connections are usually a default now, but double-check: head into Settings, look under “Browser connection”, and ensure that “Always use https” is enabled. (Be sure, too, that you’ve enabled two-step verification for your Google account, Gmail included.)
Facebook: Recently offered, and not enabled by default. To make use of it, click the Account link on any Facebook page while logged in, head to Account Settings, then, under “Account Security”, hit the change button and check the box that says “Browse Facebook on a secure connection (https) whenever possible”. Hit the Save button and head elsewhere.
Hotmail: Now offered for everyone, though not fully supported across clients like Outlook and Windows Live Mail. If you’re mostly using Hotmail in your browser, add an “s” to your Hotmail URL (https://hotmail.com), and you should see a screen asking you if you always want to use a secure connection. You probably do.
eBay/PayPal: Log into PayPal, click the My Account tab, then click the Profile sub-tab. Look for the “Security Key” tab. For $US5, you can order a passphrase that arrives in physical form, and without which PayPal won’t let anyone come close to your money. For those who do a decent amount of trading, especially overseas, it’s a worthy investment.
Make It Harder for People to Pretend They’re You
Not every site offers encrypted connections or extra security options, but most offer some kind of password recovery scheme for your convenience. Then again, most of them are hinged around simple email confirmations, or security “questions” that someone could discover from, say, your Facebook profile.
What’s to be done about overly simple security features? Do your own thing. Create fake, snarky answers to security questions about your favourite teacher, your first pet or easily discovered relatives. One thing I’ve done for security questions that seem halfway decent is to answer the opposite of whatever the question was — so, enter your least favorite teacher, your last childhood pet, and maybe not the mascot of the high school you attended, but the mascot of that school’s arch-rival.
Keep Insecure Plug-Ins from Exposing You
The modern browser is full of plug-ins, some of them occasionally necessary. How does one prevent these house guests from inviting all kinds of crashers onto your system?
First things first: head to Mozilla’s super-handy Plugin Check page, which works with almost any browser, and see which of your plug-ins need updating now. You’ll probably be a bit surprised, as even I was, evidenced by the screen capture above.
Chrome has a few good options for keeping insecure plug-ins at bay. You can set them to “click-to-play” or disable them individually, or enter
about:flags into your address bar and enable the “Disable outdated plugins” option to automatically shut down plug-ins that have known vulnerabilities.
Firefox will work some automatic plug-in monitoring into its future versions, as will other browsers; for now, consider making Plugin Check something you visit frequently — maybe even as one of your multiple startup pages.
What’s the easiest way you’ve increased your own security online, without having to learn a new app or get a new number tattooed on your wrist?
Republished from Lifehacker