Happy Data Privacy Day! Celebrated Jan. 28 every year, people are coming together across the globe to talk about the importance of privacy. Take a look at the conversation that’s been happening today on Twitter via the hashtag #DPD14 (or Facebook).
On Jan. 16 we asked our users – some of the best privacy experts in the world – to share their top privacy tips. We were overwhelmed by the response. Hundreds of tips poured in, and many of which them overlapped from multiple users.
We sifted through them & picked some of the top tips for protecting your privacy:
- Use Disconnect if not using Tor. – Daryl
- Use local full disk encryption everywhere, be it FileVault on the Mac, LUKS on Linux or Truecrypt/BitLocker on Windows. Especially true for Laptops. – Gordon
- If you don’t like to give your email address to each service or message board you sign in, you can use services like 10minutemail.com or mailinator.com which give you a temporary and disposable email address. -C (You can also use Gmail’s email@example.com to track companies that sell your information, and don’t do any more business with them! – Gabriel)
- Use different passwords for different accounts and keep them in a password manager (LastPass, KeePass). For example, I use the cross-platform Password Gorilla (same encrypted database on a shared drive read by both Linux and Windows). Of course, backup the password database file on SpiderOak. – Dusk
- Make full use of your password manager, have it generate long, random, unique passwords for all sites. Make sure the password protecting your password manager is very long. As in over 20 uppercase, lowercase, numbers, and symbols.http://imgs.xkcd.com/comics/password_strength.png has a good example of how to achieve such requirements in a sane manner (but DO NOT use the phrase “correct horse battery staple” as I’m sure that’s in a hacker’s common password list). Linux users check out the command `apg` and it’s “-a0″ mode to get pronounceable (for english speakers) random words. – Todd
- Never type important login information on a public computer. It may have a kernel-mode keylogger installed and you have no way to reliably check for its presence. If you can’t avoid doing it, remember to logout and when you get back home change the password you used. – D
- Beware of free wi-fi hotspots, remember to verify that the wi-fi network name is from a legitimate service. Avoid unsecured wi-fi networks. Use a Virtual Private Network (VPN), when possible, which helps you to route your activity through a separate private network, more secure, while you’re on a public one. – B **Note: see our two recent posts: VPN, privacy and anonymity, and Guest Post: Can you trust a VPN to protect your privacy?
- Never disable your security software when playing games. Search for a “game mode” in your security software; you won’t be interrupted in the middle of a game, but you’ll be protected. – B
- Never leave your devices unsupervised. When you leave them, lock them and make sure the password you have set is strong. – Christian
- Third-party cookies suck. Turn them off in Chrome under Settings > Privacy > Content Settings > Block third party cookies and site data.
On Firefox that is Preferences > Privacy > History > Use custom settings for history > Accept Third Party Cookies > Never (or from visited if you want to let sites you’ve been to save cookies on other sites. Tell sites you don’t want them to track you on Chrome: Settings > Privacy > Send a ‘Do Not Track’ request with your browsing traffic; Firefox: Preferences > Privacy > Tracking > Tell sites I do not want to be tracked. – Conor
- Use DNSCrypt and the DNS Servers at OpenDNS to secure your DNS traffic from eavesdropping. Use HTTPS Everywhere from the EFF to ensure your traffic with major websites is encrypted where possible.- John
- Use SSH keys & disable password authentication. Use GPG to encrypt emails. And use RedPhone app to encrypt phone calls. – Toby
- Adblock Plus is awesome and allows you to block Social Media Buttons and has special privacy filters to help keep your footprints clean! – C
- Stay informed. Treat security news as important. For example, Ars Technica has a dedicated security column http://arstechnica.com/security. Be aware of alternatives to the software (including webapps) you use and how easy it might be to migrate if neccesssary. See http://prism-break.org/en/ for a privacy/security focus. See http://alternativeto.net for general options (where I found out about SpiderOak!). This is also relevant if you run a website, see http://indiewebcamp.com for tips on avoiding silos. - David
- Treat the answers to security questions like passwords. If “Buddy” is a bad password (and it is), then using “Buddy” as the answer to a website’s security question of “What is the name of your first pet?” is also insecure. Use strong passwords AND strong answers to security questions. Courtesy of Facebook and other Internet sources, it is often easy to find the maiden name of someone’s mother. Never use your mother’s real maiden name as the answer to “What is your mother’s maiden name?” – A
- Use a Google Voice number that forwards to your cell phone for Craigslist anything. - Avaah
- If you’re not paying for the service, your privacy could be the payment. – T
Bonus: Probably the most important privacy technique I use today: Follow this blog. Not only does it give you updates on SpiderOak, but they occasionally recommend other software and companies like they did here: A List of Privacy-Focused Companies, Tools & Technologies. - Bryan
A huge thanks to all of you for your support, time and kind words you gave when writing in!
Want more tips? Check out all the tips submitted via blog comments over the past few weeks.
Is your data secure? Enjoy 28% off our completely private backup, sync and share. Discount runs until the end of January.
Are you a privacy pro? Answer these 10 questions and to see how good you are at protecting your online privacy: MyPrivacyIQ.com (created by SpiderOak + StaySafeOnline.org)
Learn more about Data Privacy Day.
We will share more of your tips in the coming weeks. Do you have anything to add?