Top tips for online security

We outline the actions you should take to keep yourself secure on the World Wide Web, taking you from the basics through to the more advanced tips. All of this helps protect you from viruses and keep your identity safe.

Basic

Online security starts here. This is the bare minimum you should be doing every day:

• Use strong passwords. A strong password is one that uses letters (capitals and lower case), numbers and punctuation. There’s no defined length, but longer is better. The trick is using a combination that’s both strong and memorable. The two best ways to keep your password memorable is taking a word and modifying it. For example, “password” is very weak; “P455word” isn’t much better; but “p#s5Wor’D” is good. However a passphrase is best of all, for example “AlwaysStrongPasswordPizza” is a strong password and chances are you’ve already memorised it, and if you’re required to add numbers or punctuation it’s easy enough.

• Never use the same password twice. There’s no such thing as an un-crackable website so, if one of your accounts gets broken into, you don’t want that stolen password to open any of your other accounts. Always use strong passwords for your email and websites where you use your credit card or share financial details.

• Never trust messages from unknown sources. This includes emails, Facebook messages and texts. Never click links in these messages or open attachments. Even if the message is alarming or intriguing, such as “your account has been frozen” or “75% off Ray-Bans!” If you’re worried, bypass the message and go straight to the source (for example, call or contact your bank or directly visit its website).

Intermediate

If you’re already doing the basics, then these are our next recommended steps:

• Don’t save your credit card details. Many online stores offer to save your credit card details so you can make subsequent purchases faster – no need to re-enter all your details. This is a terrible idea. If these sites get hacked then your information is at risk. While a site remembering your details is convenient, chasing your bank to refund fraudulent purchases is not.

• Don’t download any old app. Not every app in the Google and Apple app stores is above board, some come with nasty fish hooks – from hidden in-app purchases to selling personal data to flat-out scams. If you’re installing an app, don’t just choose the first one in the search results. Read the reviews, and check the developer to see what else they’ve made.

• Report everything! If you’ve been scammed, report it immediately. Go to your bank, Netsafe or the police.

Advanced

Once you’re in your groove with the security routine, try these:

• Take note of app permissions. When you install an app it’ll ask for a range of permissions. Sometimes these make sense, sometimes they reach too far – a photo-editing app needs access to your photos, but it doesn’t need your contacts. You can see the permissions required before you install it. You can also revoke permissions in your settings.

• Give false information. We don’t mean lying on anything official, but not telling the truth in some circumstances makes your online presence safer. Security questions are a good example. Questions like “Where were you born?” are used to verify your identity when you forget your banking login. However, that type of information can often be easily found on your Facebook page. Instead use false or unusual answers such as “at the bottom of a well” or “Valhalla”. Another trick is giving a slightly different spelling of your name when signing in to a new website or service (this includes loyalty cards that keep your information in online databases).