Internet Security

The internet is a cesspool of malware and socially awkward trolls. Stay ahead of these annoyances with these very simple tips.


Passwords

Passwords are an essential part of securing your digital content. Here are some basic guidelines for coming up with easy-to-remember, tough-to-crack passwords.

  • More is better

    The longer your password, the better. As a bare minimum, your password should consist of 8 characters; 16 or more is recommended. If possible, try to include upper and lower case letters, numbers, and symbols.

  • If using a small or single word password

    Limit or avoid using dictionary words in any language and common substitutions. One of the most common ways hackers gain unauthorized access to accounts is a method called a dictionary attack: a very simple script runs down every possible word and word combination until it figures out your password. A common substitution would be replacing the letter a with @ or 4, I with !, 'and' with &, etc. Time to crack a password using a dictionary attack:

      For password: “password” it would take 52 seconds to guess.
      For password: “p@$$w0rD” it would take 3 days to guess.
      For password: “I go 2 work 4rom Monday – Friday!” it would take 248 “quindecillion” years to guess.

    These are just rough estimates using an average computer. Just because the password p@$$w0rD takes 3 days to guess in this example doesn’t make it a good password. Many complex algorithms are used to compensate for these common methods of “masking” passwords, and a sophisticated hacker will crack any of those 3 passwords within minutes, including the last one, because it uses a very common sentence often used as an example of good passwords. Correct horse battery staple is another of those sentences, made famous by this xkcd webcomic.

  • Do not use the same password twice

    In most cases, once the hacker has already targeted you they know your location, age, relationship status, social media accounts, and much more. If you use the same password across all your accounts the damage they can inflict on your online and offline identity can be disastrous.

  • Use a password manager

    A great, open-source, and free option for all platforms is KeePass. A better, compatible version of this password manager for Mac is MacPass. Simply think of one good, very strong password for your main database and store all your passwords in it. Using a cloud service like Dropbox to store your password database can guarantee you’ll always have your passwords wherever you are. Additionally KeePass incorporates a password generator, taking away the difficulty of always coming up with a new, secure password. KeePass is freely available for Windows, Mac, Linux, Android, iOS, Blackberry OS, and even Palm OS.

  • Do not use sequences or repeated characters

    Like 222333444 or pppaaasssswwwwooorrdd

  • Incremental passwords aren’t good

    Using password1, password2, password3 for different accounts, or after changing passwords, adds no security.

  • Do not use passwords that contain personal information

    Your birthday, kids' names, address, phone number, residence, high school/college, pets' names, etc. are all easy to figure out with a little social engineering. Passwords of this nature will surely be exploited if someone is trying to gain access to your account.

  • Do not write down your passwords

    If you absolutely must do this, make sure to store the paper away securely. The worst place to keep written passwords is on your monitor or desk.

  • Do not share your password with anyone
  • Examples of good passwords (difficult to remember, hard to crack)

    Z=F+K/foS8*#WG;AQpyid4Bv
    `^c_,1T?n"rX-f-jE|Ub/*Y3
    kmRW7XOgm*".crt-h4vje$hW

  • Examples of great passwords (easy to remember, significantly harder to crack)

    I bet you will not be able to guess this one, give it a shot; I'll wait!!
    I'm 10 years short of being ten years older :)
    I enjoy watching movies but hate watching TV...
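The guidelines above can be turned into an automated check. The following Python sketch is an added example, not part of the original page: it undoes common substitutions before a dictionary lookup and flags counters, repeats, sequences and personal details. The tiny WORDLIST and the function names are assumptions made for illustration, and an empty result only means none of these specific weaknesses was found.

```python
import re

# Constructed mini wordlist; a real audit would load a large dictionary file.
WORDLIST = {"password", "monday", "friday", "dragon", "letmein"}

# Common substitutions (the text names @, 4 and !) mapped back to letters.
LEET = str.maketrans({"@": "a", "4": "a", "!": "i", "$": "s", "0": "o", "3": "e"})


def normalize(pw):
    """Lower-case and undo substitutions, so 'p@$$w0rD' becomes 'password'."""
    return pw.lower().translate(LEET)


def has_repeats(pw, run=3):
    """True if one character occurs `run` or more times in a row (222333444)."""
    return re.search(r"(.)\1{%d,}" % (run - 1), pw) is not None


def has_sequence(pw, run=4):
    """True if `run` consecutive characters step up or down by one (abcd, 4321)."""
    for step in (1, -1):
        count = 1
        for a, b in zip(pw, pw[1:]):
            count = count + 1 if ord(b) - ord(a) == step else 1
            if count >= run:
                return True
    return False


def audit(pw, personal=()):
    """Return findings for the weaknesses listed in the guidelines above."""
    findings = []
    if len(pw) < 8:
        findings.append("shorter than 8 characters")
    elif len(pw) < 16:
        findings.append("shorter than the recommended 16 characters")
    # Strip a trailing counter first: password1, password2 ... share one stem.
    stem = normalize(pw.rstrip("0123456789"))
    if normalize(pw) in WORDLIST or stem in WORDLIST:
        findings.append("dictionary word (after undoing substitutions/counters)")
    if has_repeats(pw):
        findings.append("repeated characters")
    if has_sequence(pw):
        findings.append("sequential characters")
    if any(p and p.lower() in pw.lower() for p in personal):
        findings.append("contains personal information")
    return findings
```
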

Websites

Websites can be a lot of fun but they can also be downright malicious. Learn how to enhance your online experience whilst staying safe.

  • Block advertisements

    You’ll be surprised how much nicer and safer your online experience will be. The easiest way to do so is by using this add-on:
    uBlock – This free browser add-on is available for Chrome, Firefox, Opera, Safari and Edge.

  • Scan files before downloading them

    A free and reputable solution can be found at VirusTotal.

  • Enable click to play for plug-ins and Flash

    This not only prevents certain types of malware from auto-executing on your system, it also stops those annoying websites from auto-playing videos and music. It is even better to disable Flash altogether, but some websites might not function properly. To enable click to play:

      Google Chrome:
        Type about:flags in the URL bar → hit enter (↵) and scroll down to “Click to Play” → Enable.
        Restart Chrome.
        Type chrome://settings in the URL bar → hit enter (↵), scroll down to “Under the Hood,” open it → click on “Content Settings” → Next to plug-ins you’ll see a “Click to play” option → Enable it.
      Firefox:
        Type about:config in the URL bar, hit enter (↵), and select “I’ll be careful, I promise!”
        Search for plugins.click_to_play, double click it and make sure the value is set to “True”.
        Alternatively there is a plug-in called Click to play per element which works much better than the default Firefox options.
      Safari:
        Install the ClicktoPlugin and ClicktoFlash plug-ins and activate them.
  • Always update your browser

    Firefox, Chrome, and Opera have built-in auto-update features.
    Safari can be updated from System Preferences → Software Update.
    For Internet Explorer click on Settings → About Internet Explorer (depending on your version, click on update, or check Install new versions automatically).

  • Use HTTPS wherever possible

    Install HTTPS Everywhere to enable this behavior by default.

  • Disable scripts on websites you don't trust

    This might break certain websites, so use with discretion.

      Firefox:
        The NoScript add-on does an excellent job.

Emails

Although email is one of the oldest forms of online communication, it is still one of the most insecure.

  • Disable auto-downloading of images in your email client

    Simply opening an image can send an attacker important information about your operating system, location, browser/software, IP address, and more.

      In Mac Mail go to Settings > Mail > Load Remote Images – Disable this option.
      In Outlook go to File > Options > Trust Center > Trust Center Settings > check “Don’t download pictures automatically.”

  • Discard email from untrusted sources

    If you must open the email, make sure not to download any attachments or load any images.

  • Scan new mail messages with your Anti Virus before downloading any attachments

    ClamAV is really good at this specific task.

  • Keep your email private

    Do not give out your email to strange websites, or reply to spam messages. A spammer sends out 1000s of emails per day, usually waiting to see what accounts are actually being used by sending messages to every possible word@domain.com they can guess. Replying makes their life extremely easy.

  • Never discuss private or sensitive information over email

    If you must send sensitive files, encrypt them in a VeraCrypt volume and send that to the intended receiver. VeraCrypt is free, easy-to-use software that will make it close to impossible for an attacker to crack your sensitive data unless you send the password in clear text. You could also use Privnote to send a one-time, self-destructing message.

  • Use multiple email addresses

    Work, Home, Play, etc. Gmail, Outlook, Yahoo, and many others offer email addresses for free. If you want to receive chain messages from a company, use a secondary email address, because a lot of companies have the bad habit of “sharing” your email address with their partners, and you might get spammed by these partners.

  • Be wary of attachments containing .pdf, .doc, .zip, .7z, .tar, .exe, .dmg, .jpg, and .png

    These types of attachments may contain malicious content. Only open these kinds of files if the source is confirmed and trusted.
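To see what an email client would fetch when remote images load automatically, a message can be inspected offline first. This Python sketch is an added example, not part of the original page: it lists the remote hosts and URL parameters referenced by a message's HTML. The sample message, its .example domains and the function names are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Constructed sample message: one remote 1x1 image and one embedded (cid:) image.
SAMPLE_EML = """\
From: news@shop.example
To: alice@corp.example
Subject: Sale
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Big sale</p>
<img src="https://track.shop.example/o.gif?uid=alice%40corp.example&c=42" width="1" height="1">
<img src="cid:logo123">
</body></html>
"""


class RemoteRefs(HTMLParser):
    """Collect URLs that a client would request over the network."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("src", "background") and value:
                if urlsplit(value).scheme in ("http", "https"):
                    self.urls.append(value)


def remote_resources(raw):
    """Return host and query parameters for every remote reference in HTML parts."""
    msg = message_from_string(raw, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        parser = RemoteRefs()
        parser.feed(part.get_content())
        for url in parser.urls:
            u = urlsplit(url)
            found.append({"host": u.hostname, "params": dict(parse_qsl(u.query))})
    return found
```

On the sample, the only remote reference is a 1x1 image whose URL carries the recipient's address, so loading it would tell the sender that this specific mailbox opened the message.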

Privacy

Privacy has become a commodity most will never experience; be one of the few.

  • Never give out personal or company information on the internet

    Only give out sensitive information, like credit card information, to trusted websites using encryption. This can be spotted by the prefix HTTPS:// in the URL bar.

  • Never give out personal, company, or sensitive information over the phone

    When using social media, be very careful about clicking on links posted by your friends to external sites. Many times, if they’ve clicked on malware before, they are spreading it without knowing about it. As an important side note, everything you do, or have ever done, on social media is logged and saved on remote servers. Privacy does not exist on social media!

  • Avoid using the social media buttons found on external sites

    A lot of these are not safe. If you wish to share something on social media, simply copy/paste the URL.

  • Don’t put all your personal information on social media

    Like your full birthday, complete name and address. This facilitates the work of anyone looking to steal your identity.

  • Make your social media profile private

    Only your friends should be able to see information about you, pictures, and other material that could be used for social engineering an attack on you, or stealing your identity.

  • Be cautious about Geo-location services

    You wouldn’t scream out in the middle of the street “I’m going to the movies from 10 to 12, nobody will be home!” for everyone to hear, so why do it on the internet?

  • Avoid Flash websites and games

    Flash is an outdated technology with many vulnerabilities and exploits which can leak out information about your system/network. Many games are still based on Flash, so just make sure they're from a trusted source and exercise caution.

  • Disable cookies in your browser

    Or at least delete them on exit, since outright disabling them requires some advanced configuration. A whole lot of information about you is being stored by websites, and some do sell this information to other companies. If you don’t believe the number of cookies storing information about you is significant, install the Firefox plug-in Lightbeam and check back after browsing the web for a while. Install Disconnect on all your devices to limit this behavior.

Security

With the vast amount of private and sensitive information contained inside of your devices, you can’t afford to leave them unsecured.

  • Always use anti-virus software

    Despite a very common myth, OS X is not safe from malware. It never was, but just 10 years ago Macs held less than 5% of the PC market, which made it unusual for hackers to create exploits for them. Today’s estimates put Apple PC users at about 16%, and hackers have surely taken note of this. Add to that the popularity of iOS and you can be certain some very nasty malware is lurking out there for any operating system. There are many free anti-virus solutions to choose from:

      Mac:
        ClamXav, Avast!, Avira, Sophos, and Comodo just to name a few.
      Windows:
        Avast!, Microsoft Security Essentials, Malwarebytes, Spybot Search & Destroy, SUPERAntiSpyware, and many more.
      Android:
        Avast!, AVG, Lookout, and TrustGo
  • Enable your firewall or download an alternative
      Mac:
        System Preferences > Security & Privacy > Firewall > Turn on Firewall
      Windows:
        Control Panel > System & Security > Windows Firewall > Turn Windows Firewall on.
  • Always make backups

    This is something everyone knows should be done, yet few actually do it. The fact is a hard drive has an expected lifetime of 5 years. It may last much longer, or much less, but one thing is certain: your hard drives will eventually fail. Having backups is essential.

        In OS X you can use the very easy to set up Time Machine to keep a virtual copy of your current operating system. It would be wise to use a secondary backup option (on a separate drive) to keep your most important files redundantly backed up.
        In Windows open Control Panel > System and Security > Backup and Restore and set up your backup.
        Alternatively you could also store some of your files in your cloud. Dropbox offers 2GB for free, Google Drive offers 15GB for free, Copy offers 15GB for free, and Microsoft SkyDrive offers 7GB for free.
  • Keep sensitive files locked away in an encrypted container

    VeraCrypt is a simple solution for this.

  • Always update your programs and operating systems

    These updates exist because, more often than not, exploitable flaws have been found in the code. Companies like Microsoft and Apple are very quick to react to this and release an update. Not updating leaves your system vulnerable to an otherwise preventable intrusion.

  • When downloading programs, pay attention to the check boxes

    A lot of times adware comes bundled with legitimate software. You can easily spot this by checking and making sure the boxes selected are things you actually want before clicking proceed/next/install.

  • Lock your computer

    No complicated password needed, but make sure you lock your computer when it will be unattended for a significant period of time. If you handle very sensitive information it's probably wise to encrypt your entire hard drive.

Stay safe!