Why
Data breaches are unfortunately common, and your personal information may have been exposed without your knowledge. Regularly checking for compromised accounts allows you to take swift action to protect your identity, change passwords, and minimize the risk of unauthorized access to your accounts.
Action
Check for breaches and sign up for monitoring:
- Visit https://haveibeenpwned.com/
- Enter your email addresses and usernames
- Check your phone numbers if the service allows
- Sign up for future breach notifications using services like Firefox Monitor or BreachAlarm
- Consider using identity theft monitoring services for additional protection
Review breach details:
- Note which accounts were affected
- Identify what types of data were exposed (e.g., emails, passwords, credit cards)
For each compromised account:
- Change the password immediately:
  - Use your password manager to generate a strong, unique password
- Enable two-factor authentication if not already active
- Review and update security questions
- Check account activity for any suspicious actions
- Update any other accounts where you used the same password
For financial accounts:
- Monitor statements for unauthorized transactions
- Consider requesting a new credit/debit card if card info was exposed
If Social Security numbers were exposed:
- Consider placing a fraud alert or credit freeze
- Monitor your credit reports for suspicious activity
For email account breaches:
- Be extra vigilant about phishing attempts
- Consider setting up email aliases for different services
Learn from the breaches:
- Identify patterns in your compromised accounts
- Adjust your security practices accordingly
Remember
Data breaches are often discovered long after they occur. Regular password changes and unique passwords for each account are crucial practices to minimize potential damage.
Why
Setting up account alerts for your banks and credit cards is a crucial step in monitoring your financial security. These alerts can notify you of potentially fraudulent activity, large transactions, low balances, and other important account events, allowing you to respond quickly to any unauthorized actions.
Action
Gather your information:
- List all your bank and credit card accounts
- Ensure you have login credentials for each account’s online portal
For each bank account:
- Log into your online banking portal
- Look for “Alerts” or “Notifications” in the settings or menu
- Set up the following alerts (as available):
  - Large withdrawals (set a threshold amount)
  - Low balance warnings
  - Direct deposit notifications
  - Password or personal info changes
  - Login attempts from new devices
- Choose notification method (email, text, push notification)
For each credit card:
- Log into your credit card account online
- Find the “Alerts” or “Account Notifications” section
- Set up alerts for:
  - Purchases over a certain amount
  - Online, phone, or international purchases
  - Declined transactions
  - Approaching credit limit
  - Payment due reminders
  - Suspicious activity alerts
- Select preferred notification method
For overall credit monitoring:
- Consider setting up a free service like Credit Karma or Credit Sesame
- Set up alerts for changes to your credit score or new accounts opened in your name
Test your alerts:
- Make a small purchase or withdrawal
- Ensure you receive the alert in a timely manner
Review and adjust:
- After a few weeks, review the frequency and usefulness of alerts
- Adjust thresholds or alert types as needed to reduce alert fatigue
Keep contact info updated:
- Ensure your email and phone number are current for all accounts
- Update immediately if you change your contact information
Mobile app settings:
- If using mobile banking apps, check for additional alert options
- Ensure push notifications are enabled on your device
Document your alert setup:
- Keep a secure record of which alerts are active for each account
Remember
While alerts are helpful, they shouldn’t replace regular account monitoring. Review your accounts regularly to catch any issues that might not trigger an alert. Also, be cautious of phishing attempts disguised as account alerts – always log in to your accounts directly rather than clicking links in emails or texts.
Why
A Digital Emergency Plan ensures that your digital life can be managed in case you’re hacked, incapacitated or deceased. Without proper preparation, even well-meaning family members can’t protect your digital assets or prevent ongoing fraud. This plan provides a secure way for trusted individuals to access crucial accounts and digital assets, protecting your online identity and ensuring your digital legacy is handled according to your wishes.
Action
Choose 2-3 trusted emergency contacts:
- Select family members or close friends who can act on your behalf
- Give each person clear instructions about their role in various scenarios
- Update emergency contacts in your phone (ICE - In Case of Emergency)
Create and securely store an emergency document:
- Use a password-protected file format (e.g., encrypted PDF)
- Consider using a secure digital vault service (e.g., LastPass, 1Password)
- Store a digital copy in an encrypted cloud service
- Keep a physical copy in a secure location (e.g., safe deposit box)
Include the following information in the document:
- List of important accounts:
  - Email, financial, social media, cloud storage
  - Include usernames (but not passwords)
  - List financial institutions and account types (not numbers)
- Password manager information:
  - Name of the service
  - Master password hint (not the password itself)
  - Instructions for accessing emergency access features
- Two-factor authentication recovery codes
- Contact information:
  - Your primary email addresses and phone numbers
  - Attorney and financial advisor details if applicable
- Digital asset inventory:
  - Cryptocurrencies, digital purchases, domain names
- Instructions for accessing hardware:
  - Computer, phone, external hard drives
- Backup locations and access methods
- Location of important documents (will, insurance policies)
Set up emergency access:
- Enable emergency access features in your password manager
- Inform trusted contacts about the existence and location of your plan
- Don’t share passwords directly - use sealed envelopes or password manager features
Regular updates:
- Set a reminder to review and update the plan every 6-12 months
- Update after any major life changes, new accounts, or relationship changes
Additional Considerations
Beneficiaries and estate planning: Update beneficiaries on all financial accounts and insurance policies. Consider creating a comprehensive digital estate plan that goes beyond emergency access.
Digital Will: Create a comprehensive digital will that designates a digital executor and provides instructions for each account (close, memorialize, transfer). Include wishes for social media accounts and specify how to handle digital assets.
Legal planning: Research your local laws regarding digital assets and estate planning. Consider consulting with a lawyer to ensure your plan is legally sound and explore using a legal service for digital estate planning.
Advanced security: Consider using a “dead man’s switch” service that automatically shares access information if you don’t check in regularly.
Remember
Balance security with accessibility. The plan should be secure enough to prevent unauthorized access, but accessible to trusted individuals in case of an emergency.
Why
A Virtual Private Network (VPN) encrypts your internet connection, enhancing your online privacy and security. It’s particularly useful when using public Wi-Fi networks, accessing geo-restricted content, or maintaining privacy from your ISP. Setting up a VPN on all your devices ensures consistent protection across your digital life.
Action
a. Select a VPN Provider
- Research reputable providers (e.g., NordVPN, ExpressVPN, ProtonVPN)
- Consider factors like speed, server locations, device limits, and price
- Look for services with a strict no-logs policy and strong encryption
b. Create Your VPN Account
- Visit the provider’s website
- Choose a plan and create an account
- Note down your login credentials
c. Install VPN on All Devices
Computer (Windows/Mac):
- Download the VPN client from the provider’s website
- Install the application
- Launch the app and log in
- Choose a server and connect
- Test the connection by visiting ipleak.net
Smartphone/Tablet (iOS/Android):
- Visit the App Store or Google Play Store
- Search for your VPN provider’s app
- Download and install the app
- Open the app and log in
- Select a server and connect
- Verify the connection is working
Router (for whole-home protection):
- Check if your router supports VPN client mode
- If supported, log into your router’s admin panel
- Look for VPN client settings
- Enter your VPN provider’s server details and credentials
- Save and apply settings
d. Enable Auto-Connect Protection
- Set your devices to automatically connect to the VPN on startup or when joining unknown Wi-Fi networks
e. Verify VPN Functionality
- Visit ipleak.net or whatismyipaddress.com to ensure your IP is masked
- Try accessing a geo-restricted website to verify functionality
- Explore the VPN app’s settings for features like:
  - Split tunneling (choosing which apps use the VPN)
  - Kill switch (cuts internet if VPN disconnects)
  - Protocol selection (e.g., OpenVPN, WireGuard)
g. Establish Usage Guidelines
- Decide when to always use the VPN (e.g., on public Wi-Fi)
- Identify any services that might need the VPN turned off
h. Train Family Members
- Explain the importance of using the VPN
- Show them how to connect and disconnect
i. Maintain Your VPN Setup
- Enable auto-updates or check manually for updates monthly
Remember
While VPNs greatly enhance privacy, they’re not a complete anonymity solution. Continue to practice safe browsing habits and be aware of the limitations of VPN services.
Why
Keeping your devices and software up-to-date is crucial for maintaining security. Updates often include patches for newly discovered vulnerabilities, making it harder for attackers to exploit your systems. Enabling automatic updates ensures you’re protected without having to remember to manually update each device or application.
Action
Remember
While auto-updates are generally beneficial, they can occasionally cause issues. Have a backup system in place.
Why
Full-disk encryption protects all the data on your device by making it unreadable without the correct authentication. This is crucial for protecting your personal information if your device is lost or stolen. Most modern operating systems offer built-in full-disk encryption tools that are easy to set up and use.
Action
For Windows 10/11 (using BitLocker):
- Ensure your PC has a TPM (Trusted Platform Module)
- Open ‘Control Panel’ > ‘System and Security’ > ‘BitLocker Drive Encryption’
- Click ‘Turn on BitLocker’ next to your system drive
- Follow the prompts to set up BitLocker
- Save the recovery key in a secure location (not on the same device)
For macOS (using FileVault):
- Click the Apple menu > ‘System Preferences’ > ‘Security & Privacy’
- Click the ‘FileVault’ tab
- Click ‘Turn On FileVault’
- Choose how you want to be able to unlock your disk and reset your password
- Write down the recovery key and store it securely
For Android:
- Go to ‘Settings’ > ‘Security’ or ‘Security & location’
- Tap ‘Encrypt phone’ or ‘Encryption & credentials’
- Follow the prompts to encrypt your device
- Note: Many modern Android devices are encrypted by default
For iOS:
- iOS devices are encrypted by default when you set a passcode
- Go to ‘Settings’ > ‘Touch ID & Passcode’ or ‘Face ID & Passcode’
- Set a strong passcode if you haven’t already
For external hard drives (Windows):
- Connect the drive and open File Explorer
- Right-click the drive and select ‘Turn on BitLocker’
- Follow the prompts to encrypt the drive
For external hard drives (macOS):
- Open ‘Disk Utility’
- Select the drive and click ‘Erase’
- Choose a name, format as ‘APFS (Encrypted)’ or ‘Mac OS Extended (Journaled, Encrypted)’
- Set a strong password
After encryption:
- Restart each device to ensure encryption is fully enabled
- Verify encryption status in system settings
Backup recovery keys:
- Store recovery keys or passwords in a secure password manager
- Consider printing a hard copy and storing it in a secure physical location
Remember
Full-disk encryption may slightly impact performance on older devices. Always ensure you have backups of your data before encrypting, and never forget your encryption password or lose your recovery key, as your data will be irretrievable without them.
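The "Verify encryption status" step can also be done from the command line. The following is an added example, not part of the original checklist: it interprets the output of `manage-bde -status` (Windows) and `fdesetup status` (macOS), and separates a volume that is encrypted and protected from one that is still encrypting or has BitLocker protection suspended. The function names and sample outputs are constructed for illustration and assume English-language tool output.

```python
import platform
import re
import subprocess

# Constructed samples, modelled on English-language tool output (assumption).
SAMPLE_BITLOCKER_SUSPENDED = """\
Volume C: [OS]
[OS Volume]

    Size:                 237.23 GB
    BitLocker Version:    2.0
    Conversion Status:    Fully Encrypted
    Percentage Encrypted: 100.0%
    Encryption Method:    XTS-AES 128
    Protection Status:    Protection Off
    Lock Status:          Unlocked
"""
SAMPLE_BITLOCKER_OK = SAMPLE_BITLOCKER_SUSPENDED.replace("Protection Off", "Protection On")
SAMPLE_FILEVAULT_BUSY = "FileVault is On.\nEncryption in progress: Percent completed = 41\n"


def bitlocker_state(manage_bde_output):
    """Classify one volume from `manage-bde -status <drive>` output."""
    fields = {
        key.strip(): value.strip()
        for key, value in re.findall(
            r"^[ \t]*([A-Za-z ]+):[ \t]+(.+)$", manage_bde_output, re.M
        )
    }
    conversion = fields.get("Conversion Status", "")
    protection = fields.get("Protection Status", "")
    encrypted = conversion in ("Fully Encrypted", "Used Space Only Encrypted")
    if encrypted and protection == "Protection On":
        return "protected"
    if encrypted:
        # Data is encrypted, but protection is suspended, so the drive is
        # not protected if the device is lost in this state.
        return "suspended"
    if "Progress" in conversion:
        return "in_progress"
    if conversion == "Fully Decrypted":
        return "off"
    return "unknown"


def filevault_state(fdesetup_output):
    """Classify the startup disk from `fdesetup status` output."""
    text = fdesetup_output.strip()
    if "in progress" in text.lower():
        return "in_progress"
    if text.startswith("FileVault is On"):
        return "protected"
    if text.startswith("FileVault is Off"):
        return "off"
    return "unknown"


def check_this_machine():
    """Run the platform's own status tool; returns None on other systems."""
    system = platform.system()
    if system == "Windows":  # manage-bde needs an administrator prompt
        result = subprocess.run(["manage-bde", "-status", "C:"],
                                capture_output=True, text=True)
        return bitlocker_state(result.stdout)
    if system == "Darwin":
        result = subprocess.run(["fdesetup", "status"],
                                capture_output=True, text=True)
        return filevault_state(result.stdout)
    return None


if __name__ == "__main__":
    print("sample (suspended):", bitlocker_state(SAMPLE_BITLOCKER_SUSPENDED))
    print("sample (FileVault busy):", filevault_state(SAMPLE_FILEVAULT_BUSY))
    print("this machine:", check_this_machine())
```

Anything other than `protected` means the device should not yet be treated as safe to lose: wait for encryption to finish, or resume BitLocker protection, and check again.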
Why
A credit freeze, also known as a security freeze, prevents new accounts from being opened in your name by restricting access to your credit report. This is one of the most effective ways to prevent identity theft and fraudulent accounts. By freezing your credit with all three major credit bureaus, you significantly reduce the risk of financial fraud.
Action
Gather necessary information:
- Full name, address, date of birth, Social Security number
- Government-issued ID (driver’s license or passport)
- Proof of address (utility bill, bank statement)
Contact each of the three major credit bureaus:
- Equifax:
- Experian:
- TransUnion:
For each bureau:
- Create an account (if online)
- Verify your identity
- Request the credit freeze
- Note down the PIN or password provided by each bureau
- Store this information securely; you’ll need it to lift the freeze
Consider freezing your credit report at these additional bureaus:
- Innovis
- National Consumer Telecom & Utilities Exchange (NCTUE)
Important notes:
- A freeze remains in place until you lift it
- You can temporarily lift a freeze for specific creditors or time periods
- Credit freezes are free by law
- Set a reminder to check your free credit reports annually at AnnualCreditReport.com
Remember
A credit freeze doesn’t affect your credit score or prevent you from getting your free annual credit report. You’ll need to lift the freeze (temporarily or permanently) when applying for credit, jobs, or housing rentals that require a credit check.
Why
A comprehensive backup system is crucial for protecting your data against loss due to hardware failure, theft, ransomware, or disasters. The 3-2-1 backup strategy ensures you have multiple copies of your data in different locations, significantly reducing the risk of total data loss.
Action
Understand the 3-2-1 backup rule:
- 3 copies of your data (1 primary + 2 backups)
- 2 different storage media types
- 1 copy stored off-site
Choose your backup solutions:
- Primary backup (local):
  - External hard drive or Network Attached Storage (NAS)
- Secondary backup (local, different type):
  - Another external drive or a set of high-capacity USB drives
- Off-site backup (cloud):
  - Dedicated backup services: Backblaze, iDrive, Carbonite
  - Or use existing cloud storage: iCloud, OneDrive, Google Drive, Dropbox
Set up automatic local backups:
- Windows: Enable File History (Settings > Update & Security > Backup)
- macOS: Enable Time Machine (System Preferences > Time Machine)
- Connect an external drive and leave it plugged in for automatic daily backups
- Alternative: Use a Network Attached Storage (NAS) for wireless backups
Set up cloud backup:
- Choose between dedicated backup service or cloud storage
- Install the application and sign in
- Select folders to back up (Documents, Desktop, Photos, etc.)
- Enable automatic sync/backup
- Verify encryption is enabled
Test your backups:
- Monthly: Restore a few random files to verify they work
- Annually: Perform a full restore test to a spare device
Secure your backups:
- Encrypt local backup drives using BitLocker (Windows) or FileVault (Mac)
- Use strong, unique passwords for cloud services
- Enable two-factor authentication on all cloud accounts
Create a backup schedule:
- Continuous/Daily: Automatic cloud backups
- Daily: Local backups (if drive stays connected)
- Weekly: Full local backup if you disconnect drives
- Annually: Archive important data to a separate drive stored off-site
Document your backup system:
- List what’s backed up and where
- Store recovery instructions in your password manager
- Include encryption passwords and recovery keys
Remember
Regularly review and update your backup strategy. As your data changes, ensure your backup system still covers all crucial information.
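The monthly restore test and the 3-2-1 rule described above can both be checked with a short script. This is an added example, not part of the original checklist: `check_3_2_1` evaluates an inventory of copies against the rule, and `spot_check_restore` hashes a random sample of source files and compares them with their restored copies. All names, the inventory format and the demo files are constructed for illustration.

```python
import hashlib
import random
import tempfile
from pathlib import Path


def check_3_2_1(copies):
    """Return the 3-2-1 rules that an inventory of copies (primary included) breaks."""
    problems = []
    if len(copies) < 3:
        problems.append("fewer than 3 copies")
    if len({copy["media"] for copy in copies}) < 2:
        problems.append("fewer than 2 media types")
    if not any(copy["offsite"] for copy in copies):
        problems.append("no off-site copy")
    return problems


def sha256_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def spot_check_restore(source_dir, restored_dir, sample_size=5, seed=None):
    """Compare a random sample of source files with their restored copies."""
    source_dir, restored_dir = Path(source_dir), Path(restored_dir)
    files = sorted(p for p in source_dir.rglob("*") if p.is_file())
    sample = random.Random(seed).sample(files, min(sample_size, len(files)))

    report = {"ok": [], "missing": [], "mismatch": []}
    for original in sample:
        relative = original.relative_to(source_dir)
        restored = restored_dir / relative
        if not restored.is_file():
            report["missing"].append(relative.as_posix())   # never backed up
        elif sha256_of(original) != sha256_of(restored):
            report["mismatch"].append(relative.as_posix())  # content differs
        else:
            report["ok"].append(relative.as_posix())
    return {status: sorted(paths) for status, paths in report.items()}


def build_demo_tree():
    """Create a constructed source tree and a 'restored' copy with two faults."""
    root = Path(tempfile.mkdtemp(prefix="restore-check-"))
    source, restored = root / "source", root / "restored"
    files = {
        "docs/taxes.txt": b"2023 return",
        "docs/will.txt": b"draft 3",
        "photos/a.jpg": b"\xff\xd8 image a",
        "photos/b.jpg": b"\xff\xd8 image b",
    }
    for name, data in files.items():
        for base in (source, restored):
            target = base / name
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
    (restored / "photos/b.jpg").unlink()                     # file the backup skipped
    (restored / "docs/will.txt").write_bytes(b"dr\x00ft 3")  # silent corruption
    return source, restored


if __name__ == "__main__":
    inventory = [  # constructed inventory: two local copies, nothing off-site
        {"media": "internal SSD", "offsite": False},
        {"media": "external HDD", "offsite": False},
    ]
    print("3-2-1 problems:", check_3_2_1(inventory))
    source, restored = build_demo_tree()
    print(spot_check_restore(source, restored, sample_size=10, seed=1))
```

A file edited after the backup ran also shows up under `mismatch`, so compare against files that have not changed since the last backup, or check modification dates before treating a mismatch as corruption.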
Why
Using privacy services can significantly enhance your online and offline privacy by creating layers of separation between your personal information and various services you use. These tools help minimize your digital footprint, reduce spam, and protect against identity theft.
Action
Remember
While these services enhance privacy, they require ongoing management. Regularly review and update your usage to maintain effectiveness. Be aware of the terms of service for each tool, as some may have limitations or potential privacy trade-offs.
Why
Opting out of prescreened credit and insurance offers reduces unwanted mail, minimizes paper waste, and decreases the risk of identity theft from stolen mail. This process removes your name from lists that credit bureaus and insurance companies sell to lenders and insurers for marketing purposes.
Action
Choose your opt-out method:
For permanent opt-out:
- Complete the online form for initial opt-out
- Look for a confirmation form in the mail (arrives within 5 business days)
- Sign and return the form to make the opt-out permanent
Additional steps to reduce junk mail:
- Register with DMAchoice (www.dmachoice.org) to opt out of other direct mail marketing
- Contact individual companies that send you unwanted mail and request removal
For catalogs and other marketing lists:
Keep records:
- Note the date you opted out
- Save any confirmation emails or letters
Follow up:
- If you continue receiving offers after 60 days, contact the opt-out service again
Remember
Opting out won’t stop all junk mail, but it will significantly reduce prescreened credit and insurance offers. You may still receive offers from companies you do business with or from local merchants.
Why
Combining the National Do Not Call Registry with your phone carrier’s spam blocking services provides the best protection against unwanted calls. This dual approach significantly reduces telemarketing calls and helps protect you from potential phone scams.
Action
Remember
These services won’t stop all unwanted calls. Charities, political groups, and companies you do business with may still call. Never share personal information unless you initiated the call to a known number.
Why
Every online account, social media profile, and web service you use creates digital breadcrumbs that can be exploited. Old, forgotten accounts are especially vulnerable - they often have weak passwords, outdated security, and may have been compromised without your knowledge. Reducing your digital footprint limits attack surfaces and protects your privacy.
Action
- List all online accounts you can remember (email, social media, shopping, forums, apps).
- Search your email for “welcome” or “verify your account” messages to find forgotten accounts.
- Check your password manager for old, unused accounts.
- Visit JustDeleteMe.xyz for instructions on deleting accounts from popular services.
- For accounts you can’t delete, remove personal information and use fake data.
- Delete or privatize old social media posts and photos.
- Unsubscribe from unnecessary email lists and newsletters.
- Remove your information from people search sites like Whitepages, Spokeo, and BeenVerified.
- Consider using DeleteMe or similar services for comprehensive removal.
- Document accounts you’re keeping in your password manager.
Remember
Focus on accounts that contain sensitive information first: financial services, healthcare, government sites, and anywhere with your SSN or payment details. For accounts you must keep, ensure they have strong, unique passwords and 2FA enabled.
Why
Critical accounts are those that, if compromised, could lead to significant personal, financial, or professional damage. These typically include email (especially if used for account recovery), financial accounts, and primary social media profiles. Securing these accounts is vital to protect your digital identity, finances, and personal information from unauthorized access and potential misuse.
Action
Remember
Your critical accounts are the keys to your digital kingdom - securing them with unique passwords, 2FA, and printed backup codes is your first and most important line of defense against digital threats.
Why
Securing your physical devices and enabling tracking features helps protect your valuable data and increases the chances of recovering lost or stolen devices. This process involves setting up security measures and activating built-in tracking capabilities on your smartphones, tablets, and laptops.
Action
Smartphones and Tablets:
- Set up strong screen lock:
  - Use biometrics (fingerprint, face recognition) when available
  - Set a strong PIN or password as backup
- Enable remote tracking:
  - iPhone: Settings > [Your Name] > Find My > Find My iPhone
  - Android: Settings > Google > Find My Device
- Enable remote wiping capability
- Encrypt device storage if not done by default
Laptops:
- Set up strong login password
- Enable disk encryption:
  - Windows: Turn on BitLocker
  - macOS: Enable FileVault
- Install tracking software:
  - Windows: Enable “Find my device”
  - macOS: Enable “Find My Mac”
- Set up firmware password (for Macs) or BIOS/UEFI password (for PCs)
Additional security measures:
- Install and update reputable antivirus/anti-malware software
- Disable automatic connection to open Wi-Fi networks
Record device information:
- Note down serial numbers and IMEI numbers (for phones)
- Take photos of devices for insurance purposes
- Add this information to your Digital Emergency Plan
Set up Multi-Device Management (if applicable):
- Use Apple’s Find My network or Google’s Find My Device
- Consider third-party solutions for cross-platform management
Physical security:
- Use laptop locks in public spaces
- Never leave devices unattended in public
- Consider privacy screens for working in public areas
Test tracking features:
- Ensure you can locate and remotely control each device
Remember
While these measures significantly improve security, no system is foolproof. Ensure automatic updates are enabled (see “Enable Auto-Updates” task) and maintain regular backups (see “Implement 3-2-1 Backup Strategy” task).
Why
A secure home Wi-Fi network is crucial for protecting your personal data and devices from unauthorized access. By implementing strong security measures, you can significantly reduce the risk of hackers intercepting your internet traffic or gaining access to your connected devices.
Action
Access your router’s admin panel:
- Connect to your Wi-Fi network
- Open a web browser and enter your router’s IP address (often 192.168.0.1 or 192.168.1.1)
- Log in with admin credentials (if you haven’t changed these, check the router’s manual for default login)
Update router firmware:
- Look for a “Firmware Update” or “Router Update” option
- If an update is available, download and install it
Change the router’s admin password:
- Find “Administration” or “Settings” section
- Create a strong, unique password
Set up a strong Wi-Fi password:
- Locate “Wireless Settings” or “Wi-Fi Security”
- Choose WPA3 if available, or WPA2 at minimum
- Create a strong, unique password (at least 12 characters, mix of upper/lowercase, numbers, symbols)
Update your network name (SSID):
- Choose a name that doesn’t reveal personal information
- Consider hiding your SSID (note: this only deters casual users)
Enable network encryption:
- Ensure WPA3 or WPA2 encryption is enabled
- Avoid WEP encryption as it’s outdated and insecure
Set up a guest network:
- Look for “Guest Network” settings
- Enable the guest network with a separate password
- Limit guest network access to internet only, not your local network
Enable firewall:
- Find firewall settings in security options
- Enable if not already active
Disable remote management:
- Look for “Remote Management” or “Remote Administration”
- Ensure it’s turned off
Use DNS security:
- Consider changing to a secure DNS provider (e.g., Cloudflare’s 1.1.1.1 or Google’s 8.8.8.8)
Disable WPS (Wi-Fi Protected Setup):
- Find WPS settings and turn off if available
Control device access:
- Enable MAC address filtering for an extra layer of security
- Only allow known devices to connect
Position your router securely:
- Place the router in a central location, away from windows
Document your changes:
- Write down new passwords and settings (store securely)
Remember
Regularly update your router’s firmware and review these settings. A secure Wi-Fi network is an essential part of your overall digital security strategy.
Why
Identity theft monitoring services help detect potential fraudulent use of your personal information. These services can alert you to suspicious activities, potentially preventing or minimizing the impact of identity theft. While not foolproof, they provide an additional layer of protection for your personal and financial data.
Action
Research identity theft monitoring services:
- Popular options include IdentityForce, Identity Guard, LifeLock, and Experian IdentityWorks
- Compare features, pricing, and customer reviews
Sign up and configure your chosen service:
- Download the service’s mobile app for real-time alerts
- Enable notifications for suspicious activities
Review your credit reports:
- Many services offer free credit reports; review them for accuracy
Familiarize yourself with the recovery services:
- Understand what assistance is available if identity theft occurs
Set a reminder:
- Schedule regular checks of your monitoring dashboard (e.g., monthly)
Keep your contact information updated:
- Ensure the service can reach you if suspicious activity is detected
Remember
While identity theft monitoring can be helpful, it’s not a guarantee against identity theft. Continue to practice good security habits, regularly review your financial statements, and be cautious about sharing personal information.
Why
A password manager is a crucial tool for maintaining strong, unique passwords across all your accounts without having to memorize them. It significantly enhances your online security by allowing you to use complex passwords for each account, reducing the risk of multiple accounts being compromised if one password is leaked.
Action
- Select a reputable password manager. 1Password is recommended for most users, but LastPass and Bitwarden are also great choices.
- Download and install the application on your primary device.
- Create a strong master password - this is the only password you’ll need to remember.
- Set up two-factor authentication for your password manager account.
- Print your Emergency Kit/Recovery Key and store it in a secure physical location (safe or safety deposit box).
- Install browser extensions and mobile apps on all your devices.
- Enable auto-fill features for convenience, but be cautious on shared devices.
- Use the password generator to create strong, unique passwords for your accounts moving forward.
- Start adding your existing passwords to the manager.
- Gradually replace weak or reused passwords with new, strong ones.
Remember
Your master password should be long, complex, and completely unique. Never use it for any other account.