Web3 Digital Security Primer
Protect yourself and your data in the Web3 world
Protect yourself and your data in the Web3 world
It’s happened to most of us. You try to log in to your email, and you get a message saying your password is compromised. Or you’ve been kicked out of your own Instagram account, and someone else is spamming all your followers. In today’s Web3 world, it’s more important than ever to follow best practices for online and digital security.
You already know that ‘1234’ and your birthday are unacceptable passwords. Did you know that ANY password you have stored online can be stolen? The first steps to secure your data are creating strong passwords and storing your passwords in a safe place.
Using strong passwords will make it harder for hackers to access your data. Passwords using combinations of numbers, uppercase and lowercase letters and symbols are the most secure. Even better, use a random password generator to create unique passwords for all your logins. Once you have unique passwords for everything, store everything in a safe place. Since anything online can be stolen, you could store passwords using handwritten, physical copies, but that is a lot of work. Your best option is to keep them on an encrypted drive or in a password vault.
Creating strong passwords is just the first step. Turning on two-factor authentication (2FA) adds another level of security to your online accounts. Using a second-party authentication app, such as Google Authenticator, is preferable to using text authentication. When you log into a site using Google Authenticator, the site sends a one-time, six-digit password to the Authenticator app. You then securely log into the app to retrieve the unique login information. For a hacker to access your data, they would need to know both your login information and your secret key for the Authenticator app, or physical access to the device running the app.
If you can use Authenticator, avoid using text messaging for 2FA. Text messages are usually unencrypted between sender and receiver, which leaves them open to attack from anyone who can access them (by attacking the network itself). Even so, using SMS two-factor authentication is better than no 2FA at all.
Once your passwords are updated and secure, the next step is to secure your files and cryptocurrency assets. Cold storage using hardware wallets is the way to go to store any assets you don’t want to lose. Using a cold wallet can be inconvenient if you’re trading crypto a lot, but losing your funds through insecure storage is even worse! Although inconvenient at times, a cold wallet is the best place to store your Bitcoin or any other crypto funds you have.
Of course, make sure you regularly backup your devices and data. A backup copy of files stored off your computer could save you if your device gets hacked. You could think of an offline hard drive as a cold wallet for all your essential files.
Keeping your devices up to date will make it harder for malware or hackers to access your information. Make sure you update your software (programs and apps) and your personal computer, Mac or phone. Updates to your devices might include security patches, bug fixes, and new features that you wouldn’t want to miss out on! Make sure you install (and run!) antivirus software to catch any viruses before they cause problems.
To keep your information and devices safe online, use a VPN (Virtual Private Network). A VPN scrambles your internet usage date so that hackers, cybercriminals, and even your network provider can’t see what you’ve been doing online. VPNs can be installed directly on your computer router, accessed through your internet browser, or downloaded onto your cell phone. Some VPNs to look up would be OpenVPN, NordVPN, or Surfshark.
Scammers will try anything to get your money or information. Use common sense to beat them at their own game. Double-check emails and phone numbers to make sure information is actually coming from the email address or phone number of someone you know. It might start similarly, but if you look again, you can often see that they’ve added various letters and numbers to email addresses or web links. If you receive an email that tells you you have a delivery coming but you are unsure of the sender or if you even ordered a package from them, it is most likely a scam. Check any link addresses, and definitely don’t interact with anything that seems off. Chances are, if you receive a text message regarding your tax refund, an insurance refund, or legal issue, it’s a scam. Oh, and if ‘you’ve won’ or someone wants to send you money… also a scam. If it seems too good to be true, it probably is.
Any of your Personal Identifiable Information (PII) can be stolen if you don’t keep it safe. Make sure you only give your address or phone number to secure sites or people you trust. Definitely don’t give out your social security number or birthday without a good reason. Better yet, keep that information private and only give it out verbally when necessary, like when you get a new job or a mortgage.
Before you sign up for a new website or service, review their terms of service and understand what information they will keep, share and use.
Even your social media can be an information theft point. So keep your accounts secure and your information private to prevent your information from being stolen.
Using public wifi can make it easy for someone to see what sites you’re looking at, and the information you’re giving them. Someone could act as a link between you and the wifi access point, stealing your information and spying on what you’re doing.
If you can’t avoid using public wifi, at least make it safer. Use a VPN, make sure you’re visiting secure sites, and keep your information secure. For goodness’ sake, save your banking and online shopping until you are at home and have access to a secure network.
All it takes is a few small steps to prevent cyber attacks on your data, files, and even your assets. Use strong passwords, keep passwords, files and assets safe and secure, and keep your personal information private. Prevent data breaches and attacks by being proactive and following current online security measures. Be safe to keep your data safe.