Give your social media presence a good spring scrubbing, audit your passwords and other easy ways to bring order to your digital chaos.
Spring has sprung, the sun is out longer, and the birds’ chirping, peeping and tweeting in the trees have put that much-needed pep in your step. With the arrival of spring also comes the annual rite of decluttering and cleaning your living space. If you’ve already given your home a major refresh, next up should be a clean-up of the digital clutter that has invaded your computer and smartphone, as well as your home network and all the devices connected to it. There’s still more to digital spring cleaning, however.
If you’re like most people, you use at least one social media platform on an almost daily basis. It goes without saying then that all your posts, comments, likes and whatnot contribute heavily to your digital footprint, so much so that your social media profile is like a front window that lets people peer into your private life. And therein lies the rub that many of us are oblivious to.
Let’s look at how you can deep-clean and spruce up your social media presence and improve your account security so that your private life remains private.
Tidy up your digital trail
Lots of people have been using Facebook and other social media platforms for at least a decade. Some of these may actually no longer exist (Google+), others no longer exist in the once-familiar form (MySpace or LastFM), while yet others may simply have evolved and are used somehow differently than in the past. Perhaps start by asking yourself these questions: Do I use MySpace, LastFm, or any other platform at all anymore? What’s stopping me from deleting my account(s) there right away?
Put simply, the more social media profiles you have, the harder this annual rite of spring cleaning may be. Over time, you may have been more than willing to share some of your most private information with the world or posted something you regretted later. Do all your posts, both recent and from ages ago, still need to be visible to lots of people? Also, maybe you’ve befriended lots of people you barely know or no longer even remember adding them to your list of friends in the first place? It may be about time you cleaned up your digital trail.
Facebook’s “Memories” feature, for example, may be a good nudge for deleting your old posts, reviewing who can see your activity or find you on the site, or for making other adjustments to your privacy settings. Facebook Privacy Checkup lets you do this quite easily.
For all those platforms du jour that you still want/need to use, review and ensure you’re comfortable with your current privacy settings. After all, remember that, unless you make some deliberate choices, what happens on the internet, stays on the internet.
And while you’re at it, lock down your account by ensuring that you use a strong and unique strong and unique password and that you have enabled two-factor authentication (2FA).
Blogs and free websites
It’s easy to get caught up in the hustle and bustle of life and forget about the blog you created while in high school or university – perhaps long before you began posting your stuff on Facebook, Instagram, YouTube and other platforms.
If that’s the case, it’s about time to check whether such remnants of your past still exist and whether you still want that soul searching to be there for the whole world to see. There have been cases where information from people’s lives once posted on old blogs was misused 20 years later to subvert the password recovery process.
Additionally, many people, including (or especially?) those who have grown up with the technology, but may often be oblivious to the privacy and security risks that its use may entail and have only learned about them “the hard way”, i.e. after falling victim to a cyberattack.
Let’s move on to the one and only and the potential bane of our digital existence – passwords.
Aim for better account security
First things first, we are NOT asking you to change all your passwords on a regular basis and just for the sake of doing so. Studies and experience show that this alone does not necessarily lead to better security – perhaps quite the opposite, doubly so if you’re doing it on autopilot. Here’s what you can do instead.
Get a password manager
Password managers are a great and inexpensive way of enhancing your account security, doubly so when included as part of security program packages, such as ESET Smart Security Premium. These ‘password vaults’ make the job of generating a strong and unique password for each of your online accounts a breeze, thus helping you avoid some of the most common password mistakes – using eminently hackable passwords and recycling your passwords across multiple online accounts.
With a password manager, you only need to remember a single, master password (and so you’d better make sure it’s a very robust one)! To make it easier to remember without compromising the password’s security, don’t use abbreviations or single words. Instead, opt for passphrases and even entire sentences, complete with various punctuation marks, special characters, block capitals and spaces.
That way, chances are good you’ll come up with a passphrase of so many characters that the task of guessing your password will be an impossible one. Ideally, the passphrase shouldn’t be related to the login process itself, however – “I’m logging into the password manager!” doesn’t make for a great master password.
Audit your passwords
If any your passwords – especially those that “secure” your valuable online accounts – match or are eerily similar to the world’s most common passwords, it’s time to get down to work. The easiest fix involves letting your password manager generate unique and impossibly-to-remember passwords for all of your online accounts.
Don’t know where to start or how strong your password should be? Check out ESET’s own password generator and watch the video below.
Now, why should each password be unique? It’s because if a password is stolen or leaked, criminals often try the same username/password combination to break into the person’s other accounts. They may also use the “forgotten password” option to gain access to your valuable online accounts.
If possible, turn on notifications about all login changes and that you have to confirm a password change via a second email address at another provider or a push message on your smartphone. Avoid sharing your passwords with other people as they could put your private data at risk, even if unwittingly.
Get a second factor
Two-factor authentication (2FA), sometimes also called two-step verification (2SV), is an excellent way to shut the door on cybercriminals even when your password is stolen or leaked. Put differently, without getting ahold of your login data and having access to your smartphone, cybercriminals will not be able to break into your account. That all is courtesy of your use of another authentication factor on top of your username and password combination.
There are multiple 2FA options – a dedicated hardware security key, a code generated in an authenticator app, a text message or possibly even biometric data such as facial recognition or your fingerprint. Many online services these days, including Facebook, Twitter, Google and Apple, offer 2FA feature for account protection. Unfortunately, it’s not enabled by default, so make sure to look for and activate it in your account’s security and privacy settings.
So there you have it. I hope this mini-series has helped you clear out your cyber-clutter, whip your devices into shape, make room for a fresh start and, most importantly, improve your online privacy and security in the long run so that next round of digital spring cleaning will be a breeze.
by Thomas Uhlemann, ESET