Cyber hygiene: 5 tips to keep your information safe online

Cyber hygiene refers to the best practices you can adopt and precautions you can take to better protect yourself online. Scammers can use any number of tricks to try and steal your personal information—but there are steps you can take to stop them in their tracks and avoid becoming a victim of fraud. Here are a few of them.

1. Make your login practices more secure
2. Protect your personal and banking information
3. Think carefully about what you share on social media
4. Browse the web securely
5. Shop safely online

Your password should have between 10 and 14 characters and include both lowercase and uppercase letters, numbers and special characters. Never share your passwords with anyone, even people you trust.

Don’t pick something that could be easy to guess, like your birthday or the name of a pet or family member. Instead, memorize a coded phrase that only you will know. For example, come up with a sentence and use the first letters of each word with some numbers added in. That way, your password will only make sense to you.

Use different passwords for all of your accounts and devices, so that if one of your passwords is ever compromised, the damage will be limited to just one area.

Use a password manager to keep track of your usernames and passwords. It’s a tool that creates passwords and stores them in a secure, encrypted “safe” that can only be accessed using your master password. It can help you use strong, unique passwords for each account, without you having to remember them.

Wherever possible, enable two-step verification (also called “two-factor authentication”) to add an extra layer of security. With two-step verification, you log in to your account using your password plus a second method, such as a one-time security code sent by email or text message. 

Biometrics are a method for confirming your identity and enhancing security. It means using your unique physical features, such as your face or fingerprints, to unlock your device or log in to an account. Biometric logins can often be faster and more convenient than using a code or password. 

Unless you’re asked for it in an official context, don’t give out personal or confidential information like your full name, address, phone number, social insurance number (SIN) or date of birth, or the details for any of your accounts, whether financial or otherwise. Some things, like passwords and PINs, should never be shared with anyone—even in an official context.

Whenever you’re asked for this kind of information, think about who’s asking, whether they really need it and what the circumstances are. Don’t be afraid to ask questions. Some examples of useful questions might be: Why do you need this information? Can I just show you my ID instead of handing it over? Do you really need to keep a copy of my information? How will my information be protected? If you’re ever in doubt, search for answers from reliable sources or contact the company to confirm that the request is genuine.

It’s also a good idea to ask yourself these questions before sharing information voluntarily in other situations, such as entering a contest.

Before filling out an online form, for example when signing up for an activity or making a purchase online, make sure the website is secure. If it’s secure, you’ll see a lock symbol in the search bar or the address will start with “https:”.  

When connecting to the internet, make sure to use secure Wi-Fi networks whenever possible. If you’re using a public network, never share personal details or log in to accounts that contain sensitive information. While practical, public networks can be accessed by anyone, including people with bad intentions.

Information shared on social media can be a goldmine for criminals, giving them details that make their tactics seem more believable to you or your loved ones.

Every detail about yourself that you make public is like a puzzle piece for criminals. If they put together enough of them, they can get a detailed picture of your life. They can use that information to steal your identity, or send bogus-but-believable emails that look like they were sent by you.

Be careful not to share personal or confidential information. For example, don’t post photos that show your licence plate or address, and don’t share your location with others over apps.

Be wary of games, surveys and quizzes on social media, even if the questions and answers seem harmless. People can use the information you provide to set up scams or try to guess your passwords or the answers to your security questions.

For all of your social media accounts, go through your security and privacy settings to limit who has access to your information and what you post. The default settings don’t usually provide much security, giving just about anyone the opportunity to learn a lot about you. 

Websites and cybercriminals can both use cookies or specialized software to collect information about your online habits, such as what pages you visit, what you search for, what you buy online, and even who your internet provider is and roughly where you’re located.

• When you visit a website, refuse optional cookies. Only accept the essential ones.
• Remember to regularly delete the cookies saved in your browser to reduce the traces you’ve left online.
• You should also regularly clear your browser cache and delete your browsing data to minimize your online footprint and reduce the risk of being spied on or targeted by a cyberattack.

Using a virtual private network (VPN) is a way to encode your connection data and protect your privacy. It disguises your IP address, which makes it harder to geolocate you.

Protecting your devices is an essential step toward improving your online security. Install reliable antivirus software on your computer and devices, so you can quickly detect and block potential threats. You should also get into the habit of updating your operating systems, browsers and applications when prompted. These updates often correct security flaws that could otherwise be exploited by criminals. By keeping your devices secure and up to date, you reduce risk and help keep your digital environment more secure.

Make sure to keep your work and personal lives separate online. If your employer gives you access to an email address, computer or phone, avoid using them for personal projects. And vice versa: don’t use your personal devices to share work-related information.Since personal online activities are more often at risk, they could put your employer’s sensitive data at risk.