Consultar Consult

Online Security

Online security starts on internet access devices, be it a smartphone, a computer or even the router.

Ideally, you should be able to protect your accounts and/or devices with a 2-step verification, i.e., you should be able to have access or verification performed in two steps, which brings double protection to your accounts.

This means that each time you use your passwords, a code will be sent to your mobile phone which will allow you to finally access the account or the device in question. 

Another option is to use a security key, which you insert into the USB port of your computer when it asks you for the access code.

How to activate the 2-Step verification

To activate this 2-step verification you must:

A. Google

  1. Sign in to Google
  2. Go to “My Account”.
  3. Click “Login and security”.
  4. Enter a mobile phone number to send the access codes to. For added security, check the option to be asked for the code again, even if it is accessed several times from the same device.

B. Microsoft

Sign in to your Microsoft account

In the “2-step verification” section, select “Set up 2-step verification”.

3. From this point on, the procedure is the same as before. Just follow the instructions, such as entering your phone number.

C. Apple

  1. Log in to the account page of the Apple ID
  2. Select the “2-step verification” option.
  3. Click “Start”.
  4. Answer the security questions and follow the steps to finish the setup.

[C]. SMARTPHONE SECURITY

For a smartphone, it is best to encrypt your device. See how you can do it below, depending on the system you use in your phone:

A. Android:


1. Under “Settings”, select the “Security” option.

2 Under “Security”, select “Encryption”. If you find the concept “Phone Encrypted” don’t be scared, it means that your device is already secure; otherwise you have to press “Encrypt Phone”.

3. The last thing to do is choose a good password. And no, your pet’s name is no good – it’s too easy.

B. iOS:

1. Under “Settings” select the “Touch ID and Code” option.
2 In this step, you can change the password of your device or create a new fingerprint. To do this, press “Add fingerprint” or “Change code”

If you want to filter who can connect to your network, just follow the steps below:

Android: under “Settings”, select the “Wi-Fi” option and then “Advanced Settings”.

iOS: under “Settings”, select the option “General”, then “Information”, and finally “Wi-Fi Address”.

TIPS FOR USING YOUR SMARTPHONE SAFELY

  1. Do not download apps from outside the operating systems’ own stores (Google Play, App Store, Microsoft Store).
  2. Keep your smartphone’s operating system and apps up-to-date.
  3. Protect your smartphone with a password or biometric access data (such as a fingerprint or face recognition) and enable auto-lock for when the smartphone is idle.
  4. Keep Bluetooth turned off whenever it is not required.
  5. Deactivate the message preview setting in order to reduce the risk of privacy violation.
  6. Install remote smartphone cleaning software (such as Find My Phone or Android Device Manager) that allows you to locate your phone and remotely delete all its contents in case of theft.

Smartphone security

For a smartphone, it is best to encrypt your device. See how you can do it below, depending on the system you use in your phone:

Android:
1. Under “Settings”, select the “Security” option.

2 Under “Security”, select “Encryption”. If you find the concept “Phone Encrypted” don’t be scared, it means that your device is already secure; otherwise you have to press “Encrypt Phone”.

3. The last thing to do is choose a good password. And no, your pet’s name is no good – it’s too easy.

iOS:
1. Under “Settings” select the “Touch ID and Code” option.
2 In this step, you can change the password of your device or create a new fingerprint. To do this, press “Add fingerprint” or “Change code”.

If you want to filter who can connect to your network, just follow the steps below:

Android: under “Settings”, select the “Wi-Fi” option and then “Advanced Settings”.

iOS: under “Settings”, select the option “General”, then “Information”, and finally “Wi-Fi Address”.

TIPS FOR USING YOUR SMARTPHONE SAFELY

  1. Do not download apps from outside the operating systems’ own stores (Google Play, App Store, Microsoft Store).
  2. Keep your smartphone’s operating system and apps up-to-date.
  3. Protect your smartphone with a password or biometric access data (such as a fingerprint or face recognition) and enable auto-lock for when the smartphone is idle.
  4. Keep Bluetooth turned off whenever it is not required.
  5. Deactivate the message preview setting in order to reduce the risk of privacy violation.
  6. Install remote smartphone cleaning software (such as Find My Phone or Android Device Manager) that allows you to locate your phone and remotely delete all its contents in case of theft.

Router security

For the router, you must protect it through encryption and the best way to do this is through some changes:

  1. Go to your router administrator’s web page and enter the username and password that appear on the device itself.
  2. Change the password to a secure one. Just go to your administrator’s website, in the “Router Access” section.
  3. In the Wi-Fi network security options, look for parameters that allow you to use WPA2-PSK authentication and AES encryption.
  4. Also, disable WPS mode.

On your home network it is still possible to decide who can connect to it, but it differs depending on your operating system:

Windows: it is a bit more complicated here, but if you follow the next steps well, you will not have any problems.

  1. Go to the Windows button and in the search box type “Run”.
  2. Type “cmd” and press Enter.
  3. In the next window, type “ipconfig/all” and press Enter.
  4. Look for the epigraph that says “physical address”.

Mac: under “System Preferences”, select the “Networks” option and then “Airport”. The Mac system has a filtering option for choosing which devices can connect to our network. This is very useful to prevent anyone from taking advantage of our connection.

How to use the incognito mode on a computer

When using public equipment (either computers or Wi-Fi networks) you should browse in incognito mode whenever possible. Find out how to do it:

  1. Open the browser (Google Chrome, Firefox or Safari, for example) for Internet access. To do this, you must double-click with the left mouse button. Don’t forget that the left mouse button does, while the right mouse button thinks (i.e., opens options).
  2. Click the button with ellipsis (in the upper right corner).
  3. Click on “new window without record” (ctrl+shift+n). The browser background in this option is darker in colour.
  4. In this incognito mode, no passwords are saved, data entered on forms is not recorded and the history of pages visited is not saved either.

How to create secure passwords

Passwords (whether they are for smartphone, router, email or social network accounts) must be personal and non-transferable. The rule for creating a good password is as follows:

  1. It should have at least 8 different characters made up of upper case, lower case, numbers and symbols.
  2. It should not consist of personal data such as family names or telephone numbers.
  3. It should be long and complex. It should preferably be a sentence and not a word and it does not need to make sense.
  4. You should use a password manager to ensure that you have different passwords for all devices, websites and personal accounts.
  5. You should change your passwords at least every 6 months.

You should also remember that it is not safe to have the same password for all your accounts and/or devices. Otherwise, you know that if a hacker gets into one of your accounts, they can access everything else.

PASSWORD MANAGER

To have all passwords under control, you should use a good password manager (such as 1Password and LastPass, for example). And, of course, the choice of the password of that manager (app), the so-called master password, will be the most important, since it will serve to protect the others. But whenever possible, you should use your biometric data for access (such as your fingerprint).

In case of theft or loss of one of the passwords, you should change it or try to recover it as soon as possible. This will prevent anyone from making unlawful use of your accounts and you will be able to access them normally.

SECRET QUESTION

One of the most common forms of undue access is the weakness of the secret question in case of forgetting the access password. Here is some advice to keep in mind when creating the secret question that is usually associated with account recovery:

  1. Do not provide any personal data that is not publicly known;
  2. Choose an answer that does not match the question (and you should be careful not to put names or dates).

The five most common mistakes we make online (and how to avoid them)

  1. Not checking our bank balance every month (or even every week). 

We should look at the transactions we have made and the commissions and fees we have paid at least once a month, because only then will we be able to see in good time if there has been any unauthorised use. 

  1. Using the same password or simple passwords. 

The secret is to use password managers – 1Password, LastPass, Dashlane, Keeper, Enpass – that help to create strong passwords and that keep all passwords behind a master password. Then just consult the password manager before logging in and enter the username and the corresponding password.

  1. Not using 2-step verification. 

This includes a second verification step after the password, i.e. a way for the user to prove that they are who they claim to be. It is a common procedure in most home banking and even personal email accounts. It can be done in several ways: (a) by receiving an SMS with a numerical code to complete a transaction; (b) by receiving a 16-digit password that renews itself every 15 seconds, (c) through confirmation with biometric data (for example, a fingerprint) or (d) by acquiring a Google Titan security key (which includes a USB key and a Bluetooth key that 

  1. Being careless about Public Wi-Fi. 

Using public Wi-Fi, from cafés and airports, for example, especially when they are open and without passwords, is particularly dangerous. Hackers can use public Wi-Fi networks to steal personal details. The best way to protect ourselves is to use a VPN (Virtual Private Network), in addition to only viewing pages with the https:// protocol. It is not fool proof, but it is an extra layer of protection for when we are using public networks.

  1. Not being suspicious enough. 

Most people are too trusting of banks, operators and brands – to whom we often give our details (ID numbers, credit card details, etc.) – and the best way to protect ourselves is to use the STOP method (which works mostly for emails): (a) is the email Suspicious?, (b) are you Trying to make me click on a link?, (c) are you Offering me something that seems too good to be true? and (d) are you Pressuring me to act fast? If the answer to these questions is yes, we must be particularly careful and, above all, never click on links from senders/sources that we do not know and/or are suspicious of.

How to protect yourself from viruses and hackers

There are several ways to ensure greater protection against viruses and hackers. Here are some:

  1. Keep the operating system and apps up-to-date. Particular care should be taken with Java on computers, as it is ubiquitous, but updates and weaknesses can act as a gateway for hackers and/or viruses.
  2. Set the Windows account to “Standard” instead of “Administrator”, since if we use the computer as Adm and the software we use is hacked for any reason, then any unsolicited access (malware or viruses) will benefit from the privileges Adm has and this can give the hacker total freedom. Moreover, in everyday life, a normal user doesn’t even notice the difference, and each time it is necessary to use Adm’s privileges (to update a certain program, for example), Windows requests this escalation (by simply entering the username and password).
  3. User Account Control (UAC) Settings should be (and in most cases are by default) at the highest standard, i.e. “Always notify me when: (i) applications try to install programs or make changes to my computer and (ii) I make changes that change the Windows settings”. And you should not just confirm whenever this notification appears (but especially when we have been on less recommendable/safe sites).
  4. WPS (Wi-Fi Protected Setup) on the Router – We must disable WPS (which is usually activated by default) because even though the goal is to make it easier to connect several devices through the click of a button, the security is fragile and it undermines the Wi-Fi encryption. To access these settings, simply enter (i) 192.168.1.1 or (ii) 192.168.0.1 in the browser and change the passwords set.
  5. Universal Plug and Play (UPnP) which makes it easier to connect equipment to the Internet, but is also a huge vulnerability of the system. Our advice is to deactivate this protocol and only reconnect it if your equipment at home starts to present any problems/instability regarding Internet access.
  6. Open DNS: This allows the connection to be faster and also more secure, as it assesses the legitimacy of some domains. In the router settings, change the first two server addresses (Static DNA 1 and Static DNS 2) to: 208.67.222.222 and 208.67.220.220
  7. Have an antivirus installed on your computer. Ideally, one with real-time protection, since it is the best way to avoid the so-called “drive by attacks”.
  8. Make backups whenever possible (either via cloud or hard drive).
  9. Avoid using public Wi-Fi (hotspots) since if they are not protected by a password, they are not encrypted and this means that anyone in the vicinity can intercept the wireless signal and see (almost) everything we do online.
  10. Use different passwords on each site / log in, since if a database is hacked and we use the same username/password for all accounts, the hacker can have “bots” running to check the username/password match on numerous sites (and not just the one that was hacked).
  11. Use 2-step verification whenever possible (especially on banking websites and email accounts).

WHAT ARE THE DIFFERENCES BETWEEN WIRELESS MOBILE DEVICE CONNECTION TECHNOLOGIES?

Bluetooth is a communication protocol that connects different wireless electronic devices such as mobile phones, computers, televisions, digital cameras, mice, keyboards, printers and headphones. 

Wi-Fi (short for Wireless Fidelity) or wireless, is a communication technology that does not require connection cables, using radio waves or infrared. 

NFC (Near Field Communication) is a newer technology that allows the transfer of data between devices that are close to or leaning against (pairing).

HOW TO USE THESE TECHNOLOGIES SAFELY

  1. You should turn them off whenever you don’t need them, because not only does it increase security, but it also reduces the battery consumption and resources of your mobile device. 
  2. In the case of Bluetooth, when using it, use the “hidden” mode instead of the “show to all” mode. 
  3. Remember that public Wi-Fi networks have higher security risks so never use them to access home banking services or other payment systems.

How to access and use email safely

  1. Keep an up-to-date and always active antivirus, as many antivirus programs on the market also fight malware and spyware.
  2. Activate the spam filter in your email account and check your spam folder regularly as some messages may be misclassified by the system as spam.
  3. Check the veracity of the contents you receive in your email, and do not feed chain mails.
  4. Do not run or download programs of unknown origin. Do not click on links of unknown origin.
  5. Keep your system’s firewall activated.

What does Google know about you?

You can find key info, privacy, and security settings all in your Google Account, which you can now access directly from Google apps, by tapping your profile picture.

Within the Google Account, you’ll find tools like the Privacy and Security Checkups, which help you go through their privacy and security settings, step-by-step – and even offer personalised suggestions. 

My Activity gives you transparency over data collected from your activity across Google services, and features privacy controls which allow you to switch the collection and use of data on or off to decide how all of Google can work better for you. 

Google Dashboard helps you see and manage the data in your Google Account. Your data includes the things you do, like searches, and the things you create, like email. Examples of this include: Chrome Browser History, viewed videos on YouTube, places visited on Maps, and more. You can view and manage this data at https://myaccount.google.com/dashboard

HOW TO CONSULT THE DATA THAT GOOGLE HAS ABOUT YOU

Google has a website where we can consult all the information that Google has stored about us and its forecasts for the coming months/years based on our interests and predictable development patterns. Google stores our likes and interests, but also where we’ve been and for how long.

Just visit the site http://www.google.com/settings/ads/.

WHAT ARE COOKIES?

A cookie is a small packet of data sent from a website to the user’s browser when they visit the website. Each time the user visits the site again, the browser sends the cookie back to the server to notify the user of the previous activities. Cookies are designed to be a trusted mechanism for websites to remember information about user activity, such as saved passwords, items added to a shopping basket in an online store, links that were previously clicked on, personalisation, and more.

To clear the cookies in your browser history, you should:

  1. On your computer, open Chrome (for example).
  2. At the top right, click More More.
  3. Click More tools and then Clear browsing data.
  4. At the top, choose a time range. To delete everything, select All time.
  5. Next to “Cookies and other site data” and “Cached images and files,” check the boxes.
  6. Click Clear data.