Happy Data Privacy Day! Celebrated Jan. 28 every year, people are coming together across the globe to talk about the importance of privacy. Take a look at the conversation that’s been happening today on Twitter via the hashtag #DPD14 (or Facebook).
On Jan. 16 we asked our users – some of the best privacy experts in the world – to share their top privacy tips. We were overwhelmed by the response. Hundreds of tips poured in, and many of which them overlapped from multiple users.
We sifted through them & picked some of the top tips for protecting your privacy:
- Use Disconnect if not using Tor. – Daryl
- Use local full disk encryption everywhere, be it FileVault on the Mac, LUKS on Linux or Truecrypt/BitLocker on Windows. Especially true for Laptops. – Gordon
- If you don’t like to give your email address to each service or message board you sign in, you can use services like 10minutemail.com or mailinator.com which give you a temporary and disposable email address. -C (You can also use Gmail’s firstname.lastname@example.org to track companies that sell your information, and don’t do any more business with them! – Gabriel)
- Use different passwords for different accounts and keep them in a password manager (LastPass, KeePass). For example, I use the cross-platform Password Gorilla (same encrypted database on a shared drive read by both Linux and Windows). Of course, backup the password database file on SpiderOak. – Dusk
- Make full use of your password manager, have it generate long, random, unique passwords for all sites. Make sure the password protecting your password manager is very long. As in over 20 uppercase, lowercase, numbers, and symbols.http://imgs.xkcd.com/comics/password_strength.png has a good example of how to achieve such requirements in a sane manner (but DO NOT use the phrase “correct horse battery staple” as I’m sure that’s in a hacker’s common password list). Linux users check out the command `apg` and it’s “-a0″ mode to get pronounceable (for english speakers) random words. – Todd
- Never type important login information on a public computer. It may have a kernel-mode keylogger installed and you have no way to reliably check for its presence. If you can’t avoid doing it, remember to logout and when you get back home change the password you used. – D
- Beware of free wi-fi hotspots, remember to verify that the wi-fi network name is from a legitimate service. Avoid unsecured wi-fi networks. Use a Virtual Private Network (VPN), when possible, which helps you to route your activity through a separate private network, more secure, while you’re on a public one. – B **Note: see our two recent posts: VPN, privacy and anonymity, and Guest Post: Can you trust a VPN to protect your privacy?
- Never disable your security software when playing games. Search for a “game mode” in your security software; you won’t be interrupted in the middle of a game, but you’ll be protected. – B
- Never leave your devices unsupervised. When you leave them, lock them and make sure the password you have set is strong. – Christian
- Third-party cookies suck. Turn them off in Chrome under Settings > Privacy > Content Settings > Block third party cookies and site data.
On Firefox that is Preferences > Privacy > History > Use custom settings for history > Accept Third Party Cookies > Never (or from visited if you want to let sites you’ve been to save cookies on other sites. Tell sites you don’t want them to track you on Chrome: Settings > Privacy > Send a ‘Do Not Track’ request with your browsing traffic; Firefox: Preferences > Privacy > Tracking > Tell sites I do not want to be tracked. – Conor
- Use DNSCrypt and the DNS Servers at OpenDNS to secure your DNS traffic from eavesdropping. Use HTTPS Everywhere from the EFF to ensure your traffic with major websites is encrypted where possible.- John
- Use SSH keys & disable password authentication. Use GPG to encrypt emails. And use RedPhone app to encrypt phone calls. – Toby
- Adblock Plus is awesome and allows you to block Social Media Buttons and has special privacy filters to help keep your footprints clean! – C
- Stay informed. Treat security news as important. For example, Ars Technica has a dedicated security column http://arstechnica.com/security. Be aware of alternatives to the software (including webapps) you use and how easy it might be to migrate if neccesssary. See http://prism-break.org/en/ for a privacy/security focus. See http://alternativeto.net for general options (where I found out about SpiderOak!). This is also relevant if you run a website, see http://indiewebcamp.com for tips on avoiding silos. – David
- Treat the answers to security questions like passwords. If “Buddy” is a bad password (and it is), then using “Buddy” as the answer to a website’s security question of “What is the name of your first pet?” is also insecure. Use strong passwords AND strong answers to security questions. Courtesy of Facebook and other Internet sources, it is often easy to find the maiden name of someone’s mother. Never use your mother’s real maiden name as the answer to “What is your mother’s maiden name?” – A
- Use a Google Voice number that forwards to your cell phone for Craigslist anything. – Avaah
- If you’re not paying for the service, your privacy could be the payment. – T
Bonus: Probably the most important privacy technique I use today: Follow this blog. Not only does it give you updates on SpiderOak, but they occasionally recommend other software and companies like they did here: A List of Privacy-Focused Companies, Tools & Technologies. – Bryan
A huge thanks to all of you for your support, time and kind words you gave when writing in!
Want more tips? Check out all the tips submitted via blog comments over the past few weeks.
Is your data secure? Enjoy 28% off our completely private backup, sync and share. Discount runs until the end of January.
Are you a privacy pro? Answer these 10 questions and to see how good you are at protecting your online privacy: MyPrivacyIQ.com (created by SpiderOak + StaySafeOnline.org)
Learn more about Data Privacy Day.
We will share more of your tips in the coming weeks. Do you have anything to add?
Privacy is something to be shared. Please pass it on!
**Thanks for submitting your tips! This promotion is now closed as of Sunday Jan. 26. Get 28% off yearly plans until the end of Jan.**
No one is better at protecting their online privacy than SpiderOak users. Our users are some of the best privacy experts in the world. They are extremely intentional about what they do – or don’t do – online, with their data and personal information.
So as Data Privacy Day (DPD) approaches on Tues. Jan. 28, we want to collect some of your key privacy tips and give you free GBs to show our thanks. Then we will share the Top Privacy Tips submitted here on the blog on DPD to help others protect their privacy online.
GB FOR LIFE FOR A TIP YOU RECITE!
Submit your top privacy tip(s) via:
- A comment on this post
- Email campaigns[at]spideroak[dot]com
Be sure to include your username so we can give you a GB!
New user? Quickly sign up for a free account (which automatically gives you 2 Free GBs for life) then submit your tip and new username and we will give you the additional GBs in this promotion.
Details: This giveaway closes Sunday Jan. 26 (12 pm CST). A maximum of 3GBs can be earned per person. You are welcome to submit more than three privacy tips, but 3GBs is as much as you can earn. Please do not share your tips in more than more place (i.e. via email, comment, and Facebook). GBs will be added to your account by the end of January, thanks for your patience!
But wait, there’s more!
We helped put together this quick and easy way to test your privacy IQ. Answer these 10 questions and see how good you are at protecting your online privacy:
How’d you do?
Thanks for sharing your top privacy tips! Learn more about Data Privacy Day.
As you know, privacy and security is not something we take lightly. In our efforts to help educate our fellow humans on their importance and the role they play in our lives on and offline, we’ve compiled the below list of recent news, resources and tips.
[For the past few weeks we’ve focused on encryption. If you missed them: Just Because It’s Encrypted Doesn’t Mean It’s Private and Encryption 101.]
If you would like to share links or resources we’ve missed, we encourage you to do so below.
News & Information
- Don’t send sensitive information over the Internet before checking a website’s security
- Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net)
- Install and maintain anti-virus software, firewalls, and email filters to reduce suspicious traffic
- Don’t use passwords that are based on personal information that can be easily accessed or guessed
- Use both lowercase and capital letters in your passwords
- Use different passwords on different systems
- Do business with credible companies
- Do not use your primary email address in online submissions
- Devote one credit card to online purchases
- Encrypting data is a good way to protect sensitive information. It ensures that the data can only be read by the person who is authorized to have access to it
- Use two-factor authentication if available (coming soon to SpiderOak)
- Back up all of your data on a regular basis
Here are some of our tips for your privacy protection online. Please let else know what else would might add to the list?
- Use different, strong passwords for each of your online accounts so if one is compromised the rest are safe. Strong passwords contains letters, numbers, different cases, and symbols.
- Unused online accounts are a liability. Hackers could use them to infiltrate your more important accounts. Get rid of them.
- You put a lot of information about yourself on social networks. Would you want that friend of a friend you met once, two years ago to be carrying around a copy of all that information? Probably not. Keep the people you know and trust. Delete the rest.
- Still receiving bank statements and doctors’ invoices by mail? You don’t need your personal information floating around in your trash can on the curb outside. Call your bank, doctor, credit card company etc. to find out if you can go paperless and manage your records via a secure online portal. You’ll save a tree and protect your privacy. Perfect!
- Update your web browser (Internet Explorer, Firefox, Safari etc.) regularly to ensure that it’s the most recent version so you can take full advantage of the included privacy features like ‘private browsing mode.’
(Explorer offers phishing filters, private browsing mode and more; Firefox offers anti-malware, parental controls and more; Google Chrome offers incognito mode, a user privacy settings tab and more.)
- Be wary of emails asking you to “update” or “confirm” your information. These are almost certainly phishing schemes aimed at obtaining your personal information.
- It’s easy to spoof an email sender, so don’t download attachments that you’re not expecting, and don’t download executable attachments at all. If you get an email saying “Run the attached file”, DON’T.
- You should also never download attachments from unrecognized senders, as they are likely to contain viruses or malicious software that can take over your computer and/or harvest your personal information.
- Remember to sign out of an online service or account when you are finished with your session, especially if you are using a public or shared computer.
- Don’t broadcast your location or absence on social media. For that matter, make sure you know where you privacy settings are on social media.
- Check out some of our favorites for your online use: PrivacyFix (simplifies privacy for you); and search engine DuckDuckGo (does not track any of your personal information).
- Password-protect your devices.
- Check your privacy settings before sharing vacation photos.
- Discuss privacy concerns with your children and other household members. Everyone should understand what you feel is and is not appropriate to reveal on the phone, using a computer, or other situations.
- Check your credit report regularly.
Find even more tips at StaySafeOnlline.org.
IF YOU MISSED IT: 24 hours left for 28% off
Celebrate Data Privacy Day with us by nabbing 100GBs (an annual plan) at this great discount (details found in Friday’s post).
Thanks for elevating the privacy conversation and Zero-Knowledge privacy with us. We have a big announcement we will post later today.