Between phishing attempts and classic “Nigerian” email scams, there are plenty of threats to the integrity of your email account. Even if you think you would never fall for a blatant attempt to get you to give up sensitive data, you might still be vulnerable to various kinds of hacking attempts. It’s never fun to have to explain to all 347 of your contacts why your email address has spammed them with a link for buying knock-off Oxycodone. Ultimately, email security remains an essential part of maintaining your privacy online.
In fact, the U.S. Senate’s proposed amendment to the Electronic Communications Privacy Act aims to make it harder for law officials to search through your old emails. But if you care about protecting your information, why wait for the Senate to take action? Follow our tips to make your email account safer from prying eyes. We’ll start with general suggestions and then cover some nifty tricks just for Gmail.
Password security
If you’ve worked at a desk job within the last few decades, you’ve probably heard dozens of lectures about how important it is to choose a secure email password. As boring as the topic may seem, it gets repeated for a reason. A ridiculous number of vulnerabilities can be avoided with a strong, robust, and frequently changed password. Don’t forget to make your security question a tough one, too.
If you have trouble inventing new passwords, try the sentence method: come up with a sentence that would seem obvious only to yourself, such as “My dog Spot eats steak quickly!” Then, turn it into an acronym and add a number for good measure, so that you wind up with, “MdSesq!64.” Your new password will roll off your fingertips while seeming impenetrable to anyone else. Of course, if you’re still having trouble remembering, you can always use a password manager app.
As important as it is to have a strong password to begin with, it’s just as essential to remember to change it often. To keep yourself honest, set a recurring reminder on your favorite calendar app. We recommend changing your password every three months to stay safe.
Avoiding cookies, viruses, and malware
This may go without saying for long-term Internet denizens, but general online security practices can help keep your email account safer, too. It’s helpful to set your internet browser to automatically clear all cookies every time you close the browser window. In Chrome, for instance, you can do this by opening “Settings,” clicking on “Advanced Settings,” clicking under “Content Settings” beneath “Privacy,” and then choosing “Keep local data only until I quit my browser.”
Additionally, you’ll definitely want to install dependable anti-virus and anti-spyware programs, keep them up to date, and run scans of your computer regularly. If you don’t know where to start, well-reviewed freeware such as Avast Free Antivirus, Microsoft Security Essentials, and Super AntiSpyware are all good bets.
Public key encryption
Email encryption using public key cryptography is practically the next best thing to printing all your emails and locking them within an impenetrable bank vault. Essentially, it generates two different keys for every message: an encryption key, which is completely public; and a decryption key, which is private to each user. The beauty of the system lies in the fact that users don’t need to send a secret code ahead of time before exchanging encrypted text. With public key encryption, even if someone gets ahold of your email password, all they’ll see is gibberish without proper decoding.
All public key encryption is based on software called PGP, which stands for “Pretty Good Privacy” and is available through a number of free programs. Try your hand at using Gpg4usb, Pgpi, or Enigmail (for Thunderbird only), and enjoy the exhilaration of feeling like an international spy.
Cross-website security with Tor
Even though they offer spectacular free email services, companies such as Google have a nasty reputation for collecting your browsing patterns across the Web. That’s where the free program Tor comes in. Originally developed with the U.S. Navy in mind, Tor now allows any security-minded individual to avoid cross-website tracking, thus safeguarding online privacy during email sessions. Basically, Tor blocks what’s known as “traffic analysis,” which can reveal a message’s source, affiliation, and other characteristics, even if that message contains encrypted data. Keep in mind that it will block browser plugins and downloaded files while running.
Anti-theft security with Prey
We hope it never happens to you, but if your computer does get lost or stolen, Prey may be your last best hope. Simply register your computer and download the free Prey software ahead of time. If your beloved device ever goes missing, you’ll be able to use Prey from afar to manage it. You can lock your computer, as well as delete all browsing data and cookies, from the safety of your home. That way, thieves won’t be able to log into your email account. Prey can even attempt to geo-trace your device and snap webcam photos of whomever’s using it, making it an invaluable detective’s tool.
Gmail-specific tips
Thanks to a healthy array of security options, Gmail provides one of the most secure email services out there. If you’re using Gmail, you’ll definitely want to try out these privacy measures.
1. 2-step verification: With 2-step verification, your Gmail account will require more than just a password every time you log on. It will also text a 4-digit code to the phone number you have on file, which you’ll need to enter before you can access your email account. While cumbersome – and ill-advisable for those without unlimited texting plans –2-step verification does add an extra layer of protection.
2. Always use HTTPS: In your Gmail account, click on the gear icon in the top right-hand corner, then select “settings.” Under “Browser connection,” highlight “Always use https.” With this option, Gmail will establish a secure connection during sessions, from login to logout, even if you’re using a public wireless network.
3. Modified email address: It may surprise you to know that Google doesn’t count anything after a plus sign as part of an email address. What does this mean for you? Well, simply add a “+” to your email address every time you provide your email to a company, and soon you’ll have a surefire way to discover which companies are sending you spam. For example, if your normal address is johnsmith@gmail.com and you’re about to sign up for a website called Kitten Cute, you can use johnsmith+kittencute@gmail.com as your email address for that site. That way, if you ever get spam addressed to “johnsmith+kittencute,” you’ll know exactly where it came from, helping you stay away from suspicious and potentially fraudulent messages.
Image via Elhombredenegro