You may have heard it a thousand times already, but here it comes again: protecting accounts with strong and unique passwords, and using a second form of authentication is essential to security.
While the main focus seems to be on this recommendation, many guides fail to mention other essentials. One example: while strong passwords and 2FA keep attackers out, they won’t help you if you get locked out of an account.
What happens to your data if you get banned? What if your desktop computer, laptop or mobile device gets stolen?
There is more to security than strong passwords. This guide looks at these, often neglected, security options.
Encryption is key
Encryption protects data against unauthorized access. Encrypt data on all of your devices to make sure that it is protected. Encryption helps when devices are turned off. While it is still possible to create a dump of the storage device or try to brute force the encryption, this is a futile attempt if the password is strong.
Encryption is enabled automatically on Android and iOS devices when you pick a PIN. It is important to select a strong PIN, not the four-digit number that is convenient to type. Yes, that makes unlocking the device painful, but it is essential when it comes to protecting data on it.
On Windows, data gets encrypted, but only for Microsoft account users. While you may use Bitlocker on Pro, Education and Enterprise devices to protect the entire system, I recommend using a different encryption software. VeraCrypt is open source and can encrypt the system drive and any other storage device.
Recovery Codes
Recovery codes help you get back into accounts or devices if you forget your password or lose access to something else that you need to sign-in. This can be a Titan security key, a hardware key used for 2-step verification, or access to an email account.
The main idea behind recovery keys is to use them in emergency situations. You lose access to the dedicated two-factor authentication method and can’t sign-in to your account anymore. Setting up multiple methods helps against this, but you may also use recovery codes instead.
Recovery keys may be used to regain access to the account. Many online services that support two-factor authentication support recovery keys.
These are highlighted most of the time when you set up two-factor authentication for the account. It is a good idea to keep these codes secure, for instance as notes in your password manager.
Backups are essential
Backups are a burden as long as you don’t require them. They help you recover data that may not be accessible anymore. If a device breaks or gets stolen, when you forget your password or delete something accidentally.
Creating local backups regularly is an essential security precaution. Whether you keep all backups in one place or spread them is up to you. It depends on the device as well.
If data is important, you may want to store backups separate from the actual device.
Computer users may want to use external storage devices to create backups. These come in different shapes and form factors.
I recommend the free Paragon Backup & Recovery software for the task on Windows, but there are lots of other options available.
Android and iOS devices support backups to Google’s or Apple’s cloud infrastructure. You may also connect your device to your PC or Mac, and transfer important data, which often means images and videos, to the device.
Content Blockers
Content blockers prevent certain types of attacks. Extensions such as uBlock Origin don’t just block advertisement, they may also block known malware sites, improve your privacy online and much more.
Advertisement is used regularly for attacks. This can be as simple as placing an ad for a program download to lure users to a site where malware is offered.
Using content blockers protects you while you are browsing the Internet. You may want to disable the blocker for sites that you value though, as they rely on the revenue and may shut down otherwise.
Antivirus and Firewall
On PC, you need to make sure that you have a proper antivirus solution and firewall installed. Most Windows users may find Windows Defender adequate.
Advanced users may install third-party antivirus solutions, such as BitDefender Free, to protect their PCs.
No antivirus solution is perfect. Thousands of new threats emerge daily and while most users will never notice most of them, there is always the chance that one slips through defences.
Common sense is important as well. The best antivirus solution can’t protect you if you allow malware to run on your devices.
Firewalls, when properly configured, control incoming and outgoing traffic. They may block certain threats outright, by refusing connections.
Windows comes with its own firewall, which is fine for most use cases. Most advanced antivirus solutions come with firewalls.