This is the one and only time I’ll reference #GamerGate. People I know and care about are being targeted for harassment by both individuals and groups on both sides of the divide. That is not cool. Women in particular are being targeted, and more of them than I’d care to admit are afraid to speak or interact online for fear of harassment. Regardless of which side you’re on, no one deserves to be harassed or to live in fear, and I want to help. Here is a quick, streamlined guide on how to keep yourself safe online and make harassing you and tracking you down much more difficult.
I am by no means an expert, but these tips will still help. This guide is intended to be very simple for non-techy people, and almost all of the steps you only have to perform once. If you follow this guide from start to finish, you won’t have to remember 95% of it, and your daily routine will remain virtually unchanged. And you’ll be safer. There is no such thing as total safety and total protection, but if you can take a few preventative measures to make yourself a more difficult target, you will be safer because trying to ruin your day will be too difficult to be worth a harasser’s time.
If you think this guide is useful, please share it with people you think it will help.
1) Two-factor authentication on everything.
What it does: Makes it extremely difficult for anyone but you to log into your accounts.
How long it will take: 15 – 30 minutes, depending on how many accounts you have.
Will I ever have to do it again? No, but set it up when registering on new websites.
Go to this list and check for websites where you have accounts: https://twofactorauth.org/
Follow each link to set up two-factor authentication. If you’re not sure what that is, it’s simple: If you log into a website, it wants to make sure you are who you say you are, not just someone with your login and password. This usually means it sends your phone a text message with a random, one-time-use code to type into the box as a secondary password. People almost always have their phones with them, so this is a simple, reasonable security precaution.
It takes very little time to set up, and besides having a strong password, it is the most important thing you can do to keep yourself protected online. Remember the celebrity nude leaks? That would most likely not have happened if the celebrities enabled two-factor authentication. The hackers looked up the answers to the celebrities’ security questions and logged into their iCloud accounts that way. If they’d used two-factor authentication, the celebrities would have received a text message with a one-time-use code. They’d know someone was trying to log into their accounts, and the hackers would have been out of luck.
It’ll probably take 15 – 30 minutes to set it up across all of your accounts, but it is absolutely worth the time. And you only have to do it once. If absolutely nothing else, make sure your email, bank accounts, social media, and domain registrars have two-factor authentication set up. Hacking websites is a popular tactic, and it’s surprisingly easy to break in and wreak havoc. Protect yourself.
2) Password manager for unique, difficult passwords.
What it does: Creates impossible-to-break passwords for all your websites, and you only need to remember one.
How long it will take: 30 – 60 minutes, depending on how many accounts you have.
Will I ever have to do it again? No, but use your password manager to generate new passwords for you when registering on new websites.
Go here and install LastPass: http://www.lastpass.com
Or for Mac\iOS users, use 1Password: https://agilebits.com/onepassword
Use their “Security Check” to see how bad the situation is. Set aside an evening to go through and change ALL your passwords to long, complex, secure, unique passwords. All you have to remember is your primary password for LastPass, and it will remember the rest. I have over 500 unique passwords from 12 to 40 characters across every site I use.
Think of it this way: Websites get hacked constantly and they lose their entire password lists. This includes usernames and possibly email addresses. These are distributed to tens of thousands of people all over the world. Even if it’s an unimportant site, you can still get in some trouble. Imagine you made one purchase at an online retailer five years ago, and they got hacked. Let’s also imagine that you used that same password to create an account at your local Pizza Franchise.
If someone wants to screw with you, they can try your publicly-available email address with this hacked password. When they log in, they will have your full name, home address, any other address you’ve put into the system, the last four digits of your credit cards, and the expiration dates. That’s enough information to do very unpleasant things to your life with, and that’s just what Pizza Franchise knows about you. They may have the best password and data security in the world, but you reused a password.
This will take some time, but again, you only have to do it once, and you only have to remember one password. Even if the website seems unimportant, slap a big, complex password on it. You don’t have to remember it, so there’s no reason not to make it a beast of a password for someone else to crack.
Also, disable your web browser from remembering passwords. It’s not safe. You can view all saved passwords in Chrome instantly in plain text if you have the password to the computer. If you’re in an office with shared computers, everyone already has that password. When you install the LastPass browser plugin, it gives you the option to import all of your saved passwords, and then to delete them from the web browser. Say yes.
IMPORTANT NOTE: If you get the option to use backup codes or back up your authenticators, do so. Writing down the password isn’t the safest thing to do, but if you can do that and put it in a safe place, it will save you a WORLD of pain. Trust me, it sucks.
3) Install PrivacyFix.
What it does: Locks down all your privacy settings across major social networks.
How long it will take: 5 minutes.
Will I ever have to do it again? No, but it’s good to check every six months.
Go here and install PrivacyFix: http://privacyfix.com/start
This is an extremely simple wizard that will take you through the privacy and security settings of Facebook, Twitter, Google+, and LinkedIn to make sure your information stays safe and secure. It will only take five minutes, it’s very easy to do, and everyone on the internet should do it. This will keep you and your data safe and help you understand how this works.
4) Lock down old Facebook posts and adjust your privacy settings.
What it does: Locks down all your privacy settings in Facebook, and hides your old posts so people can’t dig through them.
How long it will take: 15 minutes.
Will I ever have to do it again? No, but it’s good to check every six months.
Follow every step of this excellent, comprehensive guide: http://lifehacker.com/5813990/the-always-up-to-date-guide-to-managing-your-facebook-privacy
When you post on Facebook, make sure you’re only sharing it with Friends, and not the Public. This will keep you safer. I’ve heard of people going back months to years of peoples’ Facebook posts to dig up personal information to use to harass people. You don’t have to live in fear, but if you can remember this step, it’ll make behavior like that much more difficult.
5) Domain name whois guard.
What it does: Hides your home address and phone number from your website’s public records.
How long it will take: 10 minutes.
Will I ever have to do it again? No, but it’s a small yearly recurring fee to keep it.
When you register a domain name, you generally use your real address. This is a problem, especially because swatting — the term for a jerk calling the police and reporting a hostage situation or violent crime at your address, which usually sends a SWAT team there to harass you — is becoming more popular. It’s incredibly easy to look up, and it’s also incredibly easy to secure it.
Here’s how to see what information: https://who.godaddy.com/whoisstd.aspx?domain=yourdomain.com
Replace “yourdomain.com” with your actual website name, of course.
If you’re lucky, there’s nothing personal in there. But most people don’t know this. Check with your domain registrar, because they will always offer a service called a “Whois Guard” or something like it that will hide that information. It’s about $5 a year, but it’s worth it. And you only have to do it once.
6) Delete old accounts.
What it does: Delete your old, unused accounts.
How long it will take: 15 to 30 minutes, depending on how many accounts you have.
Will I ever have to do it again? No.
If you have any old accounts or profiles online that you’re no longer using, go in and delete them. Remove all your information first and overwrite it with fake information just in case, then delete it.
Here’s an extremely helpful website that shows you precisely how to delete accounts just about anywhere: http://justdelete.me/
7) Check the internet for your personal information.
What it does: Finds out what personal information on you is available online so you can take it down.
How long it will take: 15 to 30 minutes, possibly longer if you go through the manual removal request process.
Will I ever have to do it again? Yes, about every three months or so to be safe.
Search on these sites to see what the internet knows about you:
There are instructions on these sites on how to remove your personal information from their engine. Or if you’d rather pay someone to search for all these things and remove them for you on a regular basis, for $129\year you can use DeleteMe: https://www.abine.com/deleteme/landing.php
8) Use a VPN.
What it does: Encrypts all of your communications online to keep you private and secure, and very easily.
How long it will take: 15 minutes to read about it and sign up.
Will I ever have to do it again? No, just use the VPN application whenever you’re online.
A Virtual Private Network, or VPN, is a way to securely connect to websites online using encryption in a way that’s virtually impossible to eavesdrop on or track. There are a wide variety of companies that offer VPN service. It’s inexpensive ($3 to 5 a month), most of them are good, and it’s extremely easy to do.
Here’s a guide to the best VPNs to choose: https://torrentfreak.com/which-vpn-services-take-your-anonymity-seriously-2014-edition-140315/
Most trolls probably won’t go this far to try to attack you, but this is a simple, forget-it’s-there way of staying private and secure online all the time. You will only be safer for using it, and the only downside to using a VPN is that sometimes (not always) they are slightly slower than an unencrypted connection, since it’s routing your traffic anonymously through another server.
Also, I do not recommend using a public VPN. You don’t know who is running them or if they are trustworthy, and they transmit your communication in the clear, which is bad. Use a private service, and pay for it. This will also protect you from a lot more than just harassment.
9) Extreme options.
What it does: Shows you how to permanently delete your online presence and social media accounts.
How long it will take: 10 to 20 minutes, depending on how many you delete.
Will I ever have to do it again? No.
If you need to delete all of your old tweets: http://www.tweetdelete.net/
Link to delete Facebook: https://www.facebook.com/help/delete_account
Link to delete Twitter: https://twitter.com/settings/account
Link to delete LinkedIn: https://www.linkedin.com/settings/?tab=account&modal=nsettings-manage-email
If you need to use social media and register for websites but don’t want to use your real name, try the Fake identity generator: http://www.fakenamegenerator.com/index.php
The final option is the total removal of all of your social media accounts and presence from the internet. This is not recommended, but here is a link with directions: http://thechangewithin.net/2014/03/10/commit-internet-suicide-disappear-web-forever/
On a final note, if you’re being harassed and start to think of something more serious than merely internet suicide, please go to http://www.suicidepreventionlifeline.org/ and get help. Internet trolls aren’t worth it.