How to Secure Your Online Data and Privacy

In light of recent reports that one of PLDT’s Twitter accounts was hacked and of several individuals, mostly from University of the Philippines, reporting fake social media accounts under their name, it’s time to up your privacy game.

Here are some tips on how to avoid compromising your online data and privacy:

Always enable two-factor authentication. Use an authentication app instead of SMS. CNET.com explains how and why you should use it.
Take password security seriously. Never re-use passwords between different accounts. In case one gets compromised, your other accounts will remain secured and protected.
Protect yourself from phishing attacks. Don’t click that link from unknown senders. Always double-check the email sender address.
Protect your devices. Always enable password/passcode and encryption.
Avoid sharing too much information on social media. Do not post the following information:
- Names of family members (especially your mother’s maiden name)
- Your date of birth
- Where you were born
- Where you went to college
- Names of pets
- Old or current addresses
- Details about daily routines
Use a password manager like 1Password or LastPass to manage all of your various login credentials for you. They can also generate ultra-secure passwords for all your different accounts. You just have to remember one master password.
Protect your password resets: your email. Always select “require personal information to reset password” in Account Settings, and ensure your “secret questions” are strong ones. Another alternative: put a ridiculous answer. Make something up. Something that only makes sense to you.
Regularly check your account activity and delete third-party account connections. Log out of all sessions but the current one, and revoke account authorizations for any devices and apps you don’t recognize or don’t use anymore.
Check HaveIBeenPwned.com to see if your data or login credentials were leaked in recent data breaches.

For those who want to take it up a notch:

Change your passwords regularly, all of them. You can use password managers for this.
And use a secret email address (one that doesn’t really relate to your name) solely for logging into your social media accounts.
If all else fails, DELETE YOUR SOCIAL MEDIA ACCOUNTS. If your social media network does not deactivate fake accounts you report, then it is no longer safe for you to stay there.

For those who want to report fake accounts:

Learn more about privacy and security on DuckDuckGo‘s blog spreadprivacy.com, Citizen Lab’s Security Planner, and Electronic Frontier Foundation’s Surveillance Self-Defense guides.

Kenneth Dimalibot is the Engagement Editor of SubSelfie.com. He is a strategist, storyteller and humanitarian. Previously, he was the audience engagement and analytics lead at the Geneva-based The New Humanitarian, an independent non-profit news organisation reporting on humanitarian crises around the world, after several years working with Save the Children and the Red Cross in media, communication, and marketing roles.

From Manila, Kenneth has lived and worked in Southeast Asia, Europe, the Middle East, and North Africa.