Protecting Data in Motion | How to Be Safe Online

1. PYDP Full Course Overview: Welcome to protect your digital privacy. This injury level course is designed to help you increase the privacy and security of your online digital presence by systematically going through each of these short and simple instructions, you'll be able to easily accomplish all the tasks at a comfortable pace. The plan consists of steps intentionally grouped into sections to keep related tools or tasks together for faster learning and progress. This first group of tasks focuses on securing the Windows 10 and Mac OS operating system. These actions lay the foundation, patching and updating your operating system, reviewing the apps you're using and suggestions for future app installs, recommendations for anti-virus and anti-malware software, and suggestions for safe guarding your web browser. Section 2 of the course is about protecting the stuff you send and receive over the Internet. Defending yourself online includes selecting and using a password manager, encrypted e-mail and setting up a free account. Tips for creating hard to crack passwords and understanding and using two-factor authentication and how to create and use alias e-mail then will direct our attention to securing what may be your primary tool for online access your mobile device. This section is where you'll be updating your iPhone or Android operating system, creating better passcodes, tweaking the security settings and reviewing secure apps for messaging, voice and video calls, and file-sharing. There's also a bonus section with a few miscellaneous steps where you can continue to organize your digital content and reduce vulnerabilities, understand and use mask payment methods and share your knowledge with friends and family. Each lecture within the course will be preceded by a quick intro and an overview of the level of difficulty, the time it will take and the reason behind performing the task. At the end of the course, you will be able to identify and proactively correct vulnerabilities to your computer or mobile device. And we'll be better equipped to protect your privacy and digital security. 2. Protecting Data in Motion: Introduction: The term protecting data in motion refers to the security of the information you're sending over the Internet. That could be content within an email, the credentials you use logging onto a website, the personal details submitted over and online form or when using voice or text on your phone. The focus in this section will be on using an online password manager, setting up a secure email, creating strong passwords, using two-factor authentication, and creating alias e-mails, all of which can be implemented on a computer or mobile device to improve the security of your data in motion. 3. Choosing and Using a Password Manager: Our imperfect human memory leads many of us to choose poor passwords. We use the same ones on multiple accounts and some may be lost or forgotten. The password manager will solve these problems by generating good passwords and storing them securely and should be a standard tool for anyone who uses a connected device. Installing a password manager is a critical step because future tasks in this course, we'll ask that you change current passwords and create strong ones for new account. Password management apps are available in both online and offline versions, but we will be working with the online versions since it's the easiest to get set up and using quickly and is accessible on all your devices and through any browser. We'll be using Last Pass for this lecture. It's ease of use and established track record of dependability and integrity also make it one of the most widely used password managers. And it provides the two functions we most need, the ability to generate randomized, hard to crack passwords and to securely store those passwords. Go to Last Pass and create your account. After entering your email, create a master password that is both unique and something that may take practice to commit to memory under the password field or prompts that give you parameters for the best password creation. In this example, I've included a phrase within the password as a prompt. You might also include a hint, but still be sure you record the password and keep it someplace secure. In this demo I'm in Chrome and Last Pass wants to install the extension. Follow the prompts to complete the installation. Once done, you'll be asked to enter your login info for some popular accounts. We'll skip that. Now are in the vol, this is where all your information will be saved in organized. On the left side is the navigation menu. Whenever you want to add a new entry, simply click the menu item and then the plus sign in the lower right. We'll do that in a moment. But first let's create a new account to see how the app works. I've chosen to open a proton mail account to illustrate the process. In the username field, the black square with the three dots indicates whether Last Pass is any saved information. It's great for now. The circular arrow icon represents last pass is password generator. Click it to get started. You can select length as well as other parameters. Checking the easy to read blogs will eliminate those O's as zeros and ones it can be hard to identify and different fonts. A box will pop up in the upper right corner of the browser. Fill this out manually or click the red Add button. I suggest you add the recovery email. The confirmation dialog will open, follow the prompts and you're done. Inside. Your last pass fault is where you'll find your saved login information. But it's also where you can create a secure node contact information, et cetera. There are a few templates already created for credit cards and bank accounts, and you can also create a custom card to suit your needs. For example, with the newly created proton mail account. You can open this up and change the account name, add additional information, or create a folder to store it in. You can also launch websites from inside the ball. Once opened, the login screen will display the last Pass icon indicating you have saved login credentials. Just click. If there's more than one account on any one service, you'll see that list back in the vault. Click on the security dashboard to see the status of your account. You may see notices that you have weak passwords or an untrusted device, or in this case, multi-factor authentication needs attention. When activated, you'll be walked through the process of coupling your authentication app with your account. We will go through this in detail in an upcoming lecture, but following the prompts as easy, I use Auth0 in place of Google Authenticator, but you'll have a few choices. Be sure to fill out the emergency access section and get familiar with the browser extension. Whenever you're on a website and you filled out login credentials or last pass aspects of change. You'll be asked about saving in. You can also access and use the tools without logging directly into your vol webpage. Take some time to go through the advanced options. Explore the different features for yourself. And if you have any questions, you can always email info at NDS privacy.com. 4. Setting up a Secure Email: There are many email service options, but because our emphasis is on privacy and security, this lecture we'll deal exclusively with the setup of a private and secure e-mail account through proton male. This will include tips on how to easily migrate from your current email account. However, it's not necessary to stop using your Gmail or Hotmail. Just keep in mind that it would be unwise to use them for anything that you would consider private. In the previous lecture on using a password manager, we opened a basic level proton mail account using a generic business name. By way of example, if you're going for complete anonymity, I would suggest you use something that doesn't provide a connection to anything personal, like a pet's name or your high school or home town, because we've created an e-mail account previously. The password manager shows saved credentials. Clicking on it reveals the saved account. Clicking on the tab will open in the, we're going to create a new one. I'm using an email name that has no connection to me. There might contain information that could be scraped off the internet. In the password field is the icon for last pass to generate a secure password, but I've got one ready to paste in. Once your account is created, it you'll be presented with a few tooltips to help you get familiar with the layout. We'll cover some of these in more detail in a moment. Folders and labels are limited at the basic level, but you can get started with how they work and the options available. You can also see how easy it is to move emails around. In settings. You'll see that most of the features in the left sidebar are only available to paid users. Consider purchasing the next level, it's well worth it. One feature that is available and which is important to activate as two-factor authentication. There are links to tutorials and other resources within the app, and we'll be going over to factor in detail in an upcoming lecture. Get familiar with the links and if you know what you're doing, go ahead and add this critical security step. One cool feature of proton mail is that you can log in into multiple accounts at the same time. I'll be using this to illustrate how composing and sending emails work. From the sunflower farm account. I'll send an email to another proton address. You set the time for auto deletion. If you're sending an e-mail outside proton mail, you can encrypt it by using the password option, which looks like this. The recipient can reply securely, but the email was self-destruct by the set time or in 28 days by default. Some options for sending the password or over the phone in a text without any reference to the email for each method. Hello. To get the maximum benefit from proton male, you should make it your primary e-mail provider. However, migrating to a new email account can be difficult. See the attached PDF or a few suggestions that can make it easier. After using a free proton mail account for awhile, consider spending a few bucks and try out proton nails premium features, premium memberships start at $5 a month. The upgraded features include increased storage, additional e-mail addresses, and the ability to bring in your own domain or domains that forward to your inbox. Proton male also offers a VPN as a premium member, you also support a worthy cause. Proton male keeps journalists, dissidents and activists safe and paying for a membership helps demonstrate the other companies that privacy and security is important to consumers. If you really want to go the extra mile, you can create accounts for a few of your personal contexts. These should be the people you email the most. For example, your spouse or parents, children, close friends, or coworkers. This will maximize the benefit of proton males in the end encryption and help spread the privacy message amongst your circle of influence. 5. Creating Strong Passwords: Because you've installed the password manager from the previous lecture, you have all you need to create unique and strong passwords. The password generator. In multiple surveys conducted on password use and security, it is consistently found that users use the same or variance of a root password, haven't changed the password in over a year and don't think their accounts are worthy of a crooks time. The reasons behind this risky behavior also fall into predictable categories. We want passwords that are easy to memorize because we're afraid we will forget important passwords. And we want to feel like we're in control of our login information. Remember, the reason you want unique passwords for each individual account is because if your password gets compromised by someone, turns up in a data breach, it in its variance will be used to try and break into any account that you might likely have. Pick a bank or social media or email. Let's review how the password generator function works. Now some tips on changing all the passwords on your existing accounts. Don't try and do it all at once. Next time you login to one of your accounts, take a moment to change the password when you're already in the login window. Don't duplicate a password, even if the accounts are related. Make it at least 16 characters in length that loud. You'll have the password manager keep track of these, so don't worry about how long it is. Use the options in the generator to mix up the length and content of the password. Especially avoid characters that might be hard to read across different fonts. Within a week, most of your account should be changed and the rest should be complete within a month. Concern that you have an old account the forgotten about. Check have I been postponed to see if it's been found in a data breach. 6. Two-Factor Authentication Simplified: A companion task to the previous two lectures is to enable two-factor authentication wherever it's available. This will increase the security of your accounts well beyond what even the best password could. The way to factor works as you log into an account as you normally would with a username and password. And then you'll be required to enter the software token generated by your authentication app, which you have on your computer or mobile device. In this example, we'll be using the app Auth0. It's easy to use interface and access on all platforms make it ideal for our needs. They also provide detailed instructions to get you up and running for dozens of vendors. Here you can see what is covered for using Auth0 with Amazon. To get the app on your phone, simply go to Google Play or the Apple App Store and download it. It just takes a few simple steps to complete and is entirely free. This is how easy it is to use. Go into your target account and find where the option for activating two-factor authentication is. When using your phone. It's as simple as taking a picture of the account QR code and the app does the rest. Adding the name and account icon. Here we're going to do it manually. The count gives us a code to enter into our app, and Auth0 then generates a code that we must enter back into our account to verify they are connected. At this point, you'll be given a set of backup codes to enter in case you're not able to use your authentication app to login to your account, usually is or sets of numbers. In this case with Outlook, it looks something like a serial number. And either case record these and keep them safe. It's what you'll need to get back into your accounts. Even though two-factor authentication can seem clumsy at first, the amount of protection it provides can't be overstated and it is well-worth a few seconds of inconvenience. 7. Creating Alias Emails: Keeping your personal information private can be made a lot easier by using an e-mail alias to separate the different ways you interact online. There are a number of companies that can help you accomplish this. Mini offer free options or a low cost option and some like my pseudo bundle, the ability to have email, text and phone and an alias name. I'll discuss my pseudo going a bit more detail in the mobile device section of the course. For this tutorial, we'll be using 33 mail to illustrate our main reason for using an alias e-mail, protecting our true identity against scammers and data brokers. It's useful to break these down into two categories. Throwaway or burning emails and six degrees of separation emails. The first type is for anything you might consider junk, like when signing up for a newsletter or when required to access content online. Making a purchase from a website, you might find sketchy or when sharing contact information with someone you feel uncomfortable giving your true email address to. This type can be easily discarded and forgotten after use. The second type is more semi-permanent, the kind of e-mail and that doesn't contain your true name. But you would use for long-term use like an Amazon account or PayPal, refer back to setting up your proton mail account for this type of e-mail. We'll start with the junk use email by setting up our 33 mail account. This will give us a good overview of how this functions with e-mail services that provide is similar operational procedure. Let's go through the sign-up process. I'm 33 male. Choose your target email where the throwaway addresses will be forwarded. Enter the username. I'm mentoring the target email for simplicity, but do not do this yourself. Use your password manager to generate a secure password. Confirm the account setup. Check out the Latest News section for more tips on using EHR account. Now we'll go through a use case for implementing your alias e-mail. On the Manage aliases tab is where we'll track the emails you've used. This is the typical process on signing up for an account newsletter or email list where you want to control how your information is used. Some accounts will flag the e-mail if you enter the site name. So I've used a numeral and place of the letter, but still know to whom this alias belongs. When you confirm the sign up, you'll notice that it has been addressed to your alias e-mail. One note at the free level of 33 mail, you can't reply without revealing your true email. So this is really ideal for one-way communication. At the end of this video are suggestions for services that provide variations at the free level which may suit your needs better. Back on the Manage aliases tab, you'll see options for blocking, which means the recipient will no longer be forwarded to your target account and hide to clean your page view. You can always unhide and address if you want to review it. There are multiple services available that offer variations on the free and paid service levels. Simple login and blur just to my pseudo is another option that we'll cover in more detail in the mobile device section of this course, review what they each offer and select the one that best fits your needs. Our goal is to present a barrier between the online world and your personal information using an alias e-mail. Going to accomplish that goal. 8. Review of Section Two and Preview of Section Three: In section 2 of this course, you focused on the information shared over the Internet by installing the last pass password manager, setting up an encrypted email account with proton male. Using the password managers and password generator function to create strong passwords. You've got familiar with two-factor authentication and created some alias emails for throwaway and as a barrier to your private information. These five parts are hugely important for securing your personal data as it flies around the internet with or without your permission. Section 3 will be a review of most well, you've already learned but applied to the mobile device, your cell phone.