Tips on How to Stay Private Online

Blog 1: Tips on How to Stay Private Online

1. Create a spare email account
   Performing certain tasks online often require you to input a personal email. These can be shopping websites or news websites, or subscriptions. Often with these types of sites you can receive a lot of emails with promotions etc. to avoid an overflowing inbox full of these types of emails, you can create a spare email account, which can be used for non-important accounts. Have one important email address for important accounts such as banking and government etc. In this way, you can compartmentalise what you receive, and important details and information can be separated from other websites in the case where a shopping website is compromised.
2. Be careful about what you share online
   When socialising online it can be tempting to share information about family and holiday trips, however this information can be used by social engineers to manipulate information from you. Beware of photos revealing private information, even your home address can be identified by landmarks in the background. When going on holiday wait until you are home before sharing photos. 
3. You do not need to fill in all details online in forms
   When subscribing to certain websites or shopping online, you are often expected to fill in lots of personal details. Check to see is all the information strictly necessary. An asterix (*) is usually indicates what is necessary. Sometimes even this can be bypassed in the case of phone numbers. When phone numbers are requested you may be able to fill in all zeros or random numbers, however this is not always possible.
4. Use a VPN
   VPNs stand for virtual privacy network, they encrypt your internet traffic and mask your online identity, making it harder for third parties to monitor your online activities and steal your data. There are many brands of VPNs, which all vary in price plans and what they can offer you. Examples of some well-known ones are Proton VPN  and NordVPN.
5. Use a privacy friendly browser
   Browsers such ‘Duck Duck Go’ and ‘Brave’ automatically blocks cookies, so that you are not inundated with banners, some also include VPN. This can be useful in case when you are searching for cheap flights and notice the flight has increased the next time you are looking. This is because the website notices you are looking at the flight and increases the price knowing you are interested. Privacy friendly browsers prevent websites from remembering you. However, because of this cookie blocking, they can sometimes be slower in performance compared to Google.
6. Create a spare email account
   If you would rather stick with your favourite browser then the next option is to reject all unnecessary cookies which is explained in the next section. Another option when it is not always possible to clear cookies is to clear your cookie cache in your browser settings (see below for an example from Chrome).

What are cookies?

Cookies are small files of information which are stored in your browser. They are used to store information on how you use a website and can be used to remember your log in details for example on Facebook so you don’t need to sign in every time. These are known as authentication cookies. They are also used to remember what you put in your shopping basket when shopping online. These are usually referred to as essential or strictly necessary cookies and do not require user consent. These cookies are necessary for the website to function properly.

Third party cookies are cookies set by external websites linked to the website you are interacting with, a website can have up to 200 linked websites, where the data collected by this one website is shared with all these other websites. These are usually referred to as third party vendors or partners. The data they collect is your shopping habits and what websites you visit which paints a profile of you and therefore you can be targeted with specific ads relating to your interests.  Rejecting non-essential cookies limits this. These cookies are known as tracking cookies and websites are required to get your permission to use these. 

Oftentimes, you may need certain non-essential cookies for a specific website. A good example of this is the app Pinterest. Here the app shows you the topics you are most interested in, in this case it requires you to choose preferences cookies. 

However, if you are not interested in targeted advertising then you have the option of choosing alternative browsers as mentioned in point 5. If you don’t want to change your browser, then you can disable cookies on every website you visit. 

How to manage cookies

In some cases, it is not as straight forward to reject cookies, here we will show some examples of different cookie banner scenarios, where you are offered different banners and options. And we will show you the most private option in these cases. 

1. If the option to reject is not available, click on essential cookies only.
2. If this option is also not available, go to settings, options or manage preferences
3. Once in settings, you can click save and exit. GDPR states that non-private choices should not be ticked and therefore at this stage you need only click ‘save and exit’ or like below ‘confirm my choices’. Again sometimes websites do have pre-ticked options, in this case check to see if they are already ticked and if so, un-tick them and then save and exit.
4. In other cases, you are given no choice at all. In this you can search alternative websites for the same content or stay on the site if you are comfortable with tracking cookies.

Blog 2: Passwords

Managing passwords

1. Think about your most important accounts. This could be: accounts with your credit card linked to it, your email account, your tax, pension or healthcare accounts.
2. For each of these most important accounts create a unique password for each account.
3. Write these passwords down in a notebook or consider using a digital password manager.
4. If you trust a family member or friend to keep a password safe for you, ensure they bear this responsibility alone and do not share passwords to strangers over the phone or in person.
5. There is no need to regularly change this password unless you know it has been compromised.

How do I create a password

1. Create a password using a sentence.
   • Recall that spaces count as special characters and can be included to make it easier to remember.
   • A sentence should be one you can say easily and if you can it should naturally include special characters and numbers.
   • For example: “I make tea at 9:30am every day”. This password is 31 characters long, includes uppercase and lowercase characters, 3 special characters and 3 numbers.
2. Consider enabling two-factor authentication. This means you will use 2 forms of authentication to access your account (usually a password and a text).

What do I do if my password is compromised?

1. Stay Alert for Notifications

• If you receive a notification (email or text) warning you about suspicious activity or a compromised password, do not click any links in the message. Instead, go directly to the website and login as normal.

1. Try Logging into Your Account
   • If you can log in, go to your account’s Settings and select Change Password.
   • If there’s an option to log out of all devices (iPad, laptop etc), enable it to secure your account across all platforms.
   • Double-check that the saved recovery email or phone number is your own.
2. If You Can’t Log In
   • Select the “Forgot My Password” option on the login screen to reset your password.
   • If you don’t receive the reset email or message, contact the service provider directly for help regaining access to your account.
3. Report the Compromise if Necessary
   • Reporting the compromise to your local police station may help if you need to provide proof of a breach to the service provider.