We’re told everyone is spying on us and there’s nothing we can do about it. Between criminal hacking gangs, government surveillance, and tracking cookies, the media is full of stories that might convince you that even trying to be secure is a waste of time. But don’t be fooled — once you get past the hype, securing your communication is actually pretty easy.
With some basic email security best practices and a dash of common sense, you can ensure your private emails stay private. If you’re not sure where to start, here are four best practices you can act on today that’ll prevent your inbox from being compromised.
1. Create a strong password. Most of us have been taught to use random numbers and letters for passwords. In reality, this isn’t the best way to generate a password. Today, when a hacker wants to guess a password, they usually use a tool that guesses every possible sequence of numbers, letters, and symbols in order. Sure, a password like “45%aB!” might seem hard for a human to guess, but a computer program could easily crack it.
In order to make a truly secure password, you need to make it long. Every additional character exponentially increases the amount of time it will take to crack a password. That means a 32-character string like “CookedCabbageandDirt4alltheworld!” is basically unbreakable. And it’s easy to remember, too!
You should also use a different password for each account. That way, if someone hacks into a site you use and steals your password, they will only have access to that specific site account — not your email and other accounts. And don’t forget to pick new passwords every six months, just to be safe.
2. Use multi-factor identification. Why stop at one password when you can have two? Multi-factor identification requires two or more pieces of information to access your account. For example, Google’s 2-step verification sends a pin number to your cell phone when you want to sign in. You’ll need to provide that number and your password to gain access to your account. Even if someone manages to steal your password, they won’t be able to get in without your cell phone. Combined with other email security best practices, this makes your email account almost unbreakable.
3. Keep your browser clear. Storing passwords on your computer provides convenience, but it comes at a cost. If a hacker gets ahold of your computer, they’ll have access to your email account — along with any other accounts you’ve stored, such as eBay, PayPal, or your bank account. Even if you don’t store passwords, browsers such as Google Chrome can store information without your permission, putting you at risk.
Strengthen security by deleting cookies and other data, and changing your browser’s settings to delete them every time you close your browser. In Windows, click on your open browser and Press Ctrl + Shift + Delete. Make sure all the boxes are checked, set the drop down menu so it says “Everything” (Firefox), or “the beginning of time” (Chrome), and click the button. In Safari, click “Safari” on the top bar, select ”Clear History and Website Data…”, and select “all history” in the popup menu.
To change privacy settings in Firefox or Chrome, click on the button with three horizontal bars in the top right. In Firefox, click “Options” and select “Privacy” from the left side of the screen. Change “History” to “Never remember history.”
In Chrome, click “Settings” and select “Show advanced settings…” Click “Content settings” and select “Keep local data only until you close your browser” under cookies. There’s no built-in way to automatically delete history — you can either use Ctrl + Shift + Delete before you close every time, or install this plugin.
In Safari, there’s currently no way to automatically clear history every time. However, Safari (like Firefox and Chrome) lets you open a private browsing window, which will not store any data. Alternately, you can manually clear it after every session.
4. Encrypt your email. Every unencrypted email you send is potentially a target for hackers — all it takes is one unsecure server along your email’s path for a hacker to gain access to your message. Gmail uses SSL/TLS to encrypt email by default, but it’s not foolproof. If your recipient is on a server that doesn’t support SSL/TLS, the email will be sent, unencrypted. Even servers that support SSL/TLS aren’t completely safe, because emails have to be decrypted and re-encrypted every time they pass between servers. Email security best practices call for much stronger encryption
Virtru provides better security by using client-side encryption, meaning that your email is encrypted as soon as it leaves your computer, and it is only decrypted once it reaches your recipient’s inbox. Your emails stay safe because they don’t depend on individual servers for encryption.
While using multi-factor identification, having a complicated password, and keeping your browser clear all help protect you against hackers, encryption is the absolute best way to secure your inbox.
Virtru provides military-grade encryption, with user-friendly convenience. It’s easy to install, and works with your existing email account. Once you’ve installed it, just click the blue “v” before hitting send. When you do, you can rest assured: your email is protected from hackers, spies, and anyone else who could compromise your email security.