How to Protect Your Digital Privacy

Why: In the past decade, data breaches and password leaks have struck companies such as Equifax, Facebook, Home Depot, Marriott, Target, Yahoo, and countless others. If you have online accounts, hackers have likely leaked data from at least one of them. Want to know which of your accounts have been compromised? Search for your email address on Have I Been Pwned? to cross-reference your email address with hundreds of data breaches. 

How: Everyone should use a password manager to generate and remember different, complex passwords for every account — this is the most important thing people can do to protect their privacy and security today. Wirecutter’s favorite password managers are LastPass and 1Password. Both can generate passwords, monitor accounts for security breaches, suggest changing weak passwords, and sync your passwords between your computer and phone. Password managers seem intimidating to set up, but once you’ve installed one you just need to browse the Internet as usual. As you log in to accounts, the password manager saves your passwords and suggests changing weak or duplicate passwords. Over the course of a couple of weeks, you end up with new passwords for most of your accounts. Take this time to also change the default passwords for any devices in your house — if your home router, smart light bulbs, or security cameras are still using “password” or “1234” as the password, change them.

Everyone should also use two-step authentication whenever possible for their online accounts. Most banks and major social networks provide this option. As the name suggests, two-step authentication requires two steps: entering your password and entering a number only you can access. For example, step one is logging in to Facebook with your username and password. In step two, Facebook sends a temporary code to you in a text message or, even better, through an app like Google Authenticator, and you enter that code to log in.