Privacy and Social Media

General Data Security

Surprising no one, I have some thoughts that might help you protect your security overall, whether with a social media site or any other site on the internet, or indeed life in general. They make it harder for other people to get at your data, but easier for your to get at it securely when you need it. Again, it’s a bit of friction, it’s a layer in the way, so you’ll probably hate it.

Two factor authentication.

I think this might well be the most important step you can take. You’ve experienced Two Factor Authentication (2FA) before, without question. Examples are a site sending you a text message with a code after you log in, or if you’re actually security conscious and aware, maybe you use an authenticator program like those offered by Google (see above), Microsoft (in my opinion, secure, transparent and trustworthy – in know), and Lastpass, amongst others. These little beasts are on your phone and provide a second factor of authentication by supplying the code – and with more sophisticated implementations, allow you to unlock your phone and press a “yes, it’s me” type of button. So, what does that mean?

The first factor of authentication is your password: something that you know (and every password for every site is complex and unique, right?). The second factor is something you have (your phone, where you get the code to log in) or something you are (facial recognition or a fingerprint). In fact, most of the 2FA software requires facial recognition to unlock, so really you’ve got 3FA going on. That’s actually how my corporate network is set up now as well.

This is immensely secure. You can control how long a site needs to go between authentication sessions, but really it is quick and seamless. It’s one extra step that takes ten extra seconds and is so inconvenient. How inconvenient would a breach of your data be? Did you know you could put your Amazon account behind multi-factor authentication – you know, where your credit cards are stored for convenient purchase and checkout? And your home address for convenient delivery and robbery of all the stuff you’ve bought in the last 6 months? Look into multi-factor authentication on any of your main social media platforms (Facebook, Twitter and LinkedIn, as examples), and any site that stores credit card data like Amazon, Paypal, Ebay, and others. Once you are used to this, you will be happy you did it.

Password manager

Ok, you have ignored the advice to have unique passwords for every website, every login, and every service. You’ve also not used anything overly complex – just complex enough for you to allow the site to give you entry. You’ve even re-used the same password – your cat’s name, say – across your personal and work logins. Now Mr.Cuddles09876 might be exposed, and it secures your Facebook, your bank, and Revenue Canada. Nah, not you, right? Try going to the Firefox Monitor page and see if your password has been leaked to the darkweb.

Now that you’re scared, here’s what you can do. Your phone is handy and can store passwords. It’s great on your iPhone, right? Except that there’s no way to get those on your Windows PC, or anything non-Apple. (Ecosystems will be a whole other post). Google has a password manager, but it’s based on Chrome, so you have to run it everywhere. Firefox has one – same deal.

I will tell you that I can’t recommend Lastpass heartily enough, and I’m not the only one. An extension on your desktop browser of any kind – Chrome, Firefox, Edge, Brave, whatever – AND it’s available as the password fill on your phone. This means that when you get a password prompt, Lastpass does facial recognition, and then logs you in to your site. It handles multiple IDs for the same site with aplomb, and also has a family service so that you can share your Wifi Logins and music subscription passwords with your spouse and kids, while keeping the rest safe and secure so that only you can log into your banking. You can even monitor your kids’ passwords, too, if they are young and you want to look in on things.

This will help you log into social media, but also into things you use every day and you want to remain secure: online banking, retirement savings accounts, your payroll and HR accounts, keeping track of your recently changed password for your office PC that you can never remember – they all just fly by. Visual cues on your PC or phone ensure that when it’s password time, you click a button and it works. It fully integrates with facial and fingerprint recognition on your phone as well, making it secure and convenient all at once.

Once you get comfortable with it, and with it logging you in everywhere, you will really start to find the advantages that a password manager will bring. Now getting into travel sites, tax software, and other stuff you only use once or twice a year doesn’t start with the “forgot password” routine. It has remembered it from 12 months ago, which is better than your old brain trying to recall if it’s the 4th or 5th variation of the Mr.Cuddles password that you’ve used. Then the real power starts – Lastpass will even help to generate a completely complex, random, and frankly inscrutable password for you. It’s fast and easy, and it will automatically generate it, fill it (twice, on the password change screen), then remember it for you. 16 characters of random keyboard junk? No problem, it sorts it for you immediately, capitals and special characters included. Then you only need to remember one password, the one into Lastpass, and you can stay logged in on the devices you use all the time (so ensure you have a secure lock on your device as well!). And you can pick a password that you will remember to get you into Lastpass, and make all the other ones very complex; just make it a passphrase not a password, preferrably one without dictionary words in it.

But there’s more that this little browser extension does. It can load in your addresses (work, business, vacation, etc) on websites – automated form filling of the postal code you can never remember. It securely stores your credit card numbers so that you can have it autofill everything when making a purchase online. It makes payments of all types faster and easier. It even is a repository where you can store your vital document data – birth certificate numbers, passport numbers, drivers’ licence numbers, health care numbers, bank account information – so that if you have your wallet lost or stolen, you have that information handy for the discussions about cancelling and reiussing.

I have used Lastpass for about 10 years, and kind of use it as a digital safety deposit box. I have to say, it’s the first thing I install on any new PC or any new browser. It’s spectacular.

Anti-Virus and Spyware

Here’s what you need to know about anti-virus and anti-malware software: if you are running Windows 10 (which is now the only supported version of windows), and keeping it up-to-date, using the built-in Windows Virus and Threat Protection is all you need. The other services have been around since long before Microsoft made Defender (the software suite’s former name) a part of the operating system. Virus and Threat Protection gets updated regularly and for free. No subscriptions, and a very seamless integration into the OS. Frankly, the other suites are so aggressive, and so invasive, that they are almost spyware themselves. I’ve been using defender for well over 8 years and it does the job very well. Save your money.

Click below to continue reading –>

Insurance is my profession, and one of my passions. Motorcyclist, runner, skier, photography newbie. Nerdy tech geek, craft beer enthusiast. Thoughts are my own. Snark is omni-present.

One thought on “Privacy and Social Media

Do you like my blog? Do you hate my blog? Say something below. I promise to answer.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: