Basic computer security

There is more to computer security than just installing an anti-virus program and forgetting about it. We offer some tips on securing your computer and how to try and keep it secure.

The foundation of computer security is layered

Computer security has many different components and many different approaches. One can take protection to the extreme and do their best to block out the world at the expense of speed. Others will do nothing and act like it doesn't matter, and no matter what, they have it under control. At PCMD, we take the middle-of-the-road approach by utilizing reasonable protections with minimal effect on the computer's performance and internet browsing.

Just like computer security, everyone has a different opinion on personal privacy. Some like the spotlight, while others hide out in the dark. There is no right or wrong way to look at computer security if one implements the most basic protections available. What does basic protections mean, you may ask? Well, for starters using the computer responsibly and surfing the web smartly goes a long way. Beyond that, we recommend a wireless router with a built-in firewall and an anti-virus program running and keep it up to date. Some claim to get by with no anti-virus or malware tools, and they may be able to, but that approach will become harder and harder as time goes by.

A screen capture of Windows 10 security settings.

Microsoft Windows 10s built in security has come a long way and is considered viable protection

Use strong passwords or a password manager

Studies on end-user passwords and hacked password lists have shown that most users do not use strong passwords. Many end-users tend to use the same password for everything. Ask them to change it, and instant frustration and feelings of anger over their future failure to remember the new password sets in. Passwords are a part of life on the web, and strong passwords are more than a good idea; they are a necessity.

Strong passwords not used on more than one site are required to protect from random online attacks. So, what is a strong password? A strong password is a password that does not use dictionary words of any kind. Any word from any language and slang fall under this category. A strong password has varied input like capitals, numbers, and punctuation. A strong password is also reasonably long, say at least twelve or more characters. The longer the password, the lower the need for variation. If the password is twenty characters long, a strong password could be all letters of varied capitalization.

PCMD recommends using password generators to create the password and using password management program programs such as Dashlane, which has a password generator built-in, or one of the many others to automatically enter the password into the field. Having the password manager enter the information into the field automatically protects one from keyloggers that could potentially record your keystrokes.

By utilizing password management software, one can create passwords that meet the maximum length allowed by each website, making it very hard to crack or take a lifetime to break. Trying to type a password that is 64 characters long could be a challenge, so really long passwords would need to be reserved for accounts you would never need to enter the password manually. A thief will always go for the easy low-hanging fruit; therefore, using a strong password will keep one in a much better position than the person who uses their dog or cat's name for a password.

Corporate hacks make us all vulnerable

It is becoming common for major companies to get hacked and have millions of people's data released into the wild. These events leave users with no real protection besides changing their passwords regularly. Changing your password over and over will have no value if your targeted by a crook that knows your Social Security number, your address, and any other required verification information. The criminal can change your password at will, drain your bank account, close your credit cards, the list goes on and on. If a crook can answer the questions, they will get in. Careless corporations will force the consumer to use very complex means to prove account ownership. With time, privacy will not exist, and all consumer data will be exposed and available somewhere, and I wonder how people will prove they are real people? If every secret question answer you have created is on the Internet, how can one secure anything without biometric scans? I assume that someday we will be forced to use biometric scanning devices, but it will be years until they are reliable enough for everyday use. Even then, someone will be careless and release the data to the world's hackers.

Multi-Factor authentication

Multi-factor authentication has been in use for many years by most consumers already in the form of debit or credit cards. To use the card, one needs the card and the PIN now. Credit cards are not necessarily valid; however, one needs the three-digit card verification code online. Computer users can use two-factor authentication or 2FA with USB devices, cell phones, or dedicated devices. The USB device plugs into the computer and generates a one-time password allowing the user to log in when needed. USB devices are the most popular since they are small and affordable, yet they have compatibility issues. One may not log into all their websites, or they may not use their favorite Internet browser.

Cell phones receive a text message or pop up with a password that the user enters to log in to a web page or an online account. They need to acknowledge the activity on the device, allowing them to continue on the computer. Dedicated devices produce a code that, at a specific time, the code must be entered correctly, or wait and enter a new code. 2FA helps secure your password from being stolen, but it does not prevent companies from carelessly losing data.

Person using two factor authentication to sign in to account.

Two factor authentication can be used for many websites

Security Hardware

Over the years, a wide variety of hardware and tools have become available for people to secure their computers. Businesses have other demands than the consumer, but most small businesses do not need to spend the extra money acquiring business-grade hardware. Business-grade hardware is supposedly more resistant to attack. Yet, time and time again, companies build weaknesses in their devices that no one knows about until a security researcher stumbles upon them. These situations are good because the issue is fixable. The other side of the coin is hackers find these weaknesses and sell them to the highest bidder, allowing for attacks on companies who have no idea they are vulnerable. Usually, the consumer is the one that pays in the form of data breaches.

No matter what, all of your computers should not be directly connected to the Internet with just a modem. Connecting the modem to a wireless router with a firewall is the simplest way to get essential protection. Suppose you must have direct access to the Internet. A wireless router is configurable to allow a computer to access the Internet directly. The way to do this is to set up a DMZ, but generally, it is unadvised.

Program Security Holes

Installing some standard and trendy software opens the doors to many different problems. Most but not all software manufacturers release updates in response to security flaws they have become aware of. Sometimes manufacturers may never fix them, or it could be years before these problems are fixed or discovered, leaving everyone vulnerable to attack. If you use programs with an automatic update feature, ensure it is running. Therefore, the program will automatically install updates as soon as they come out, as long as you allow them to.

An excellent example of a program with security flaws is Java, which seems to need to be updated all the time. The more recent versions of Java will remove the previously installed version(s), which is nice. However, it only goes so far back, so any version not automatically uninstalled will need to be uninstalled manually. These older versions can cause minor troubles or slowdowns that seem to go away once Java gets uninstalled.

PCMD recommends you uninstall all older versions of Java unless a particular version is mandatory for either software or hardware support. If you do not know if you require a specific version of Java, the odds are good that you do not. Most versions of Java are available for download if you make a mistake and uninstall the wrong version. Most users don't need Java or use it, and manufacturers make money, including from other manufacturers' software, so end users are left thinking they need to use Java, even though they don't know why.

Another example is Adobe Flash, which was used for many different things from complete websites, banner ads, and simple things like flashing or scrolling text. Over the years, Flash had become very controversial, and one big reason was Apple not supporting it with their products. With the advent of HTML5 (HyperText Markup Language), Flash was retired at the end of 2020. If you still have it installed, uninstall it.

Taskbar notifications

The Windows 7 Taskbar Notifications area very similar to the Windows 8, 8.1, and 10 versions.

The taskbar is located at the right bottom corner of your screen. Here you will find the notifications area. The notifications area is where most programs let you know of updates and other things happening. It is important not to turn off specific notifications like Windows updates or Java updates. If an update can cause issues with the program, then definitely turn automatic updates off.

Malware can turn off notifications for you, or malware can take over an application's notifications and display a new one that looks very similar. Learn what your product icons look like so you know if they change. PCMD recommends regularly checking your taskbar for application updates or changes to icon appearance. More often than not, when PCMD is called to repair a computer, there are updates. Many people are concerned that they are phonies and do not install them. However, leaving your computer at risk of attack is just as bad. Keep an eye on the taskbar, and do not ignore pop-ups or icon changes.