Which of the following actions can you take to increase security of your Web browser?

Security Windows 10 Windows 8.1 Windows 11 Microsoft account dashboard More...Less

Inhaltsverzeichnis Show

Tips to protect your computer
Protect your personal information online
Protect yourself from scams
Prevent and remove malware
Windows Security
Other ways to remove malware
Microsoft Defender Offline
Need more help?
Use These Tools
Secure your accounts
Protect your Web browsing
Use antivirus software on your computer
Read More from The Privacy Project
Good Practices
Update your software and devices
Don’t install sketchy software
The Privacy Project
In Case of Emergency
Lock down your phone in case you lose it
Enable encryption on your laptop (it’s easier than it sounds)
The Importance of Paranoia
Keep Reading about Digital Data's Impact
Which of the following actions helps you protect credentials?
Which of the following are considered good practices for password security?
Which of the following is the most effective way to store confidential company information?
Which of the following are popular types of multifactor authentication?

Keeping your computer secure helps you avoid malware and direct hacking attempts designed to steal your personal information. Here are some ways you can help reduce your online risk when you use your computer at home.

Tips to protect your computer

Use a firewall
Windows has a firewall already built in and automatically turned on.
Keep all software up to date
Make sure to turn on automatic updates in Windows Update to keep Windows, Microsoft Office, and other Microsoft applications up to date. Turn on automatic updates for non-Microsoft software as well, especially browsers, Adobe Acrobat Reader, and other apps you regularly use.
Use antivirus software and keep it current
If you run Windows you have Windows Security or Windows Defender Security Center already installed on your device.

Tip: If you're a Microsoft 365 Family or Personal subscriber, you get Microsoft Defender included with your subscription at no extra charge. It helps protect all your devices - Windows, Mac, Android, and iOS. For more information see Getting started with Microsoft Defender.
Make sure your passwords are well-chosen and protected
To learn how, see Protect your passwords.
Don’t open suspicious attachments or click unusual links in messages.
They can appear in email, tweets, posts, online ads, messages, or attachments, and sometimes disguise themselves as known and trusted sources.
Browse the web safely
Avoid visiting sites that offer potentially illicit content. Many of these sites install malware on the fly or offer downloads that contain malware. Use a modern browser like Microsoft Edge, which can help block malicious websites and prevent malicious code from running on your computer.
Stay away from pirated material
Avoid streaming or downloading movies, music, books, or applications that do not come from trusted sources. They may contain malware.
Don't use USBs or other external devices unless you own them
To avoid infection by malware and viruses, ensure that all external devices either belong to you or come from a reliable source.

Protect your personal information online

Your privacy on the internet depends on your ability to control both the amount of personal information that you provide and who has access to that information. Find out how to protect your privacy on the internet.

Protect yourself from scams

When you read email, use social media, or browse the web, you should be wary of scams that try to steal your personal information (also known as identity theft), your money, or both. Many of these scams are known as "phishing scams" because they "fish" for your information. Find out how to protect yourself from phishing scams and avoid tech support scams.

Prevent and remove malware

One important step toward greater workplace security is to protect your computer against malware.

Windows Security

Windows Security (or Windows Defender Security Center in Windows 8 or early versions of Windows 10) is built in to Windows and provides real-time malware detection, prevention, and removal with cloud-delivered protection. It is intended for home, small business, and enterprise customers. For more info, see Help protect my computer with Windows Security.

Other ways to remove malware

To assist all Windows customers, including those who are not running Windows Security, Microsoft provides Microsoft Defender Offline.

Microsoft Defender Offline

Microsoft Defender Offline runs outside of Windows to remove rootkits and other threats that hide from the Windows operating system. This tool uses a small, separate operating environment, where evasive threats are unable to hide from antimalware scanners.

With Windows 10 and 11, Microsoft Defender Offline is built in to the operating system and can run from Windows Security. It is provided as a separate download for previous versions of Windows.

Learn more about Microsoft Defender Offline

Need more help?

By making a few simple changes to your devices and accounts, you can maintain security against outside parties’ unwanted attempts to access your data as well as protect your privacy from those you don’t consent to sharing your information with. Getting started is easy. Here’s a guide to the few simple changes you can make to protect yourself and your information online.

Use These Tools

Make smart use of the tools available to keep your data safe.

Secure your accounts

Why: In the past decade, data breaches and password leaks have struck companies such as Equifax, Facebook, Home Depot, Marriott, Target, Yahoo, and countless others. If you have online accounts, hackers have likely leaked data from at least one of them. Want to know which of your accounts have been compromised? Search for your email address on Have I Been Pwned? to cross-reference your email address with hundreds of data breaches.

How: Everyone should use a password manager to generate and remember different, complex passwords for every account — this is the most important thing people can do to protect their privacy and security today. Wirecutter’s favorite password managers are LastPass and 1Password. Both can generate passwords, monitor accounts for security breaches, suggest changing weak passwords, and sync your passwords between your computer and phone. Password managers seem intimidating to set up, but once you’ve installed one you just need to browse the Internet as usual. As you log in to accounts, the password manager saves your passwords and suggests changing weak or duplicate passwords. Over the course of a couple of weeks, you end up with new passwords for most of your accounts. Take this time to also change the default passwords for any devices in your house — if your home router, smart light bulbs, or security cameras are still using “password” or “1234” as the password, change them.

Everyone should also use two-step authentication whenever possible for their online accounts. Most banks and major social networks provide this option. As the name suggests, two-step authentication requires two steps: entering your password and entering a number only you can access. For example, step one is logging in to Facebook with your username and password. In step two, Facebook sends a temporary code to you in a text message or, even better, through an app like Google Authenticator, and you enter that code to log in.

Protect your Web browsing

Why: Companies and websites track everything you do online. Every ad, social network button, and website collects information about your location, browsing habits, and more. The data collected reveals more about you than you might expect. You might think yourself clever for never tweeting your medical problems or sharing all your religious beliefs on Facebook, for instance, but chances are good that the websites you visit regularly provide all the data advertisers need to pinpoint the type of person you are. This is part of how targeted ads remain one of the Internet’s most unsettling innovations.

How: A browser extension like uBlock Origin blocks ads and the data they collect. The uBlock Origin extension also prevents malware from running in your browser and gives you an easy way to turn the ad blocking off when you want to support sites you know are secure. Combine uBlock with Privacy Badger, which blocks trackers, and ads won’t follow you around as much. To slow down stalker ads even more, disable interest-based ads from Apple, Facebook, Google, and Twitter. A lot of websites offer means to opt out of data collection, but you need to do so manually. Simple Opt Out has direct links to opt-out instructions for major sites like Netflix, Reddit, and more. Doing this won’t eliminate the problem completely, but it will significantly cut down the amount of data collected.

You should also install the HTTPS Everywhere extension. HTTPS Everywhere automatically directs you to the secure version of a site when the site supports that, making it difficult for an attacker — especially if you’re on public Wi-Fi at a coffee shop, airport, or hotel — to digitally eavesdrop on what you’re doing.

Some people may want to use a virtual private network (VPN), but it’s not necessary for everyone. If you frequently connect to public Wi-Fi, a VPN is useful because it adds a layer of security to your browsing when HTTPS isn’t available. It can also provide some privacy from your Internet service provider and help minimize tracking based on your IP address. But all your Internet activity still flows through the VPN provider’s servers, so in using a VPN you’re choosing to trust that company over your ISP not to store or sell your data. Make sure you understand the pros and cons first, but if you want a VPN, Wirecutter recommends IVPN.

Use antivirus software on your computer

Why: Viruses might not seem as common as they were a decade ago, but they still exist. Malicious software on your computer can wreak all kinds of havoc, from annoying pop-ups to covert bitcoin mining to scanning for personal information. If you’re at risk for clicking perilous links, or if you share a computer with multiple people in a household, it’s worthwhile to set up antivirus software, especially on Windows computers.

How: If your computer runs Windows 10, you should use Microsoft’s built-in software, Windows Defender. Windows Defender offers plenty of security for most people, and it’s the main antivirus option that Wirecutter recommends; we reached that conclusion after speaking with several experts. If you run an older version of Windows (even though we recommend updating to Windows 10) or you use a shared computer, a second layer of protection might be necessary. For this purpose, Malwarebytes Premium is your best bet. Malwarebytes is unintrusive, it works well with Windows Defender, and it doesn’t push out dozens of annoying notifications like most antivirus utilities tend to do.

Mac users are typically okay with the protections included in macOS, especially if you download software only from Apple’s App Store and stick to well-known browser extensions. If you do want a second layer of security, Malwarebytes Premium is also available for Mac. You should avoid antivirus applications on your phone altogether and stick to downloading trusted apps from official stores.

Good Practices

Adopt healthy internet habits to ensure that you don't leave yourself prone.

Update your software and devices

Why: Phone and computer operating systems, Web browsers, popular apps, and even smart-home devices receive frequent updates with new features and security improvements. These security updates are typically far better at thwarting hackers than antivirus software.

How: All three major operating systems can update automatically, but you should take a moment to double-check that you have automatic updates enabled for your OS of choice: Windows, macOS, or Chrome OS. Although it’s frustrating to turn your computer on and have to wait out an update that might break the software you use, the security benefits are worth the trouble. These updates include new versions of Microsoft’s Edge browser and Apple’s Safari. Most third-party Web browsers, including Google’s Chrome and Mozilla Firefox, also update automatically. If you tend to leave your browser open all the time, remember to reboot it now and again to get those updates. Your phone also has automatic-update options. On Apple’s iPhone, enable automatic updates under Settings > General > Software Update. On Google’s Android operating system, security updates should happen automatically, but you can double-check by opening up Settings > System > Advanced > System Update.

For third-party software and apps, you may need to find and enable a Check for updates option in the software’s settings. Smart-home devices such as cameras, thermostats, and light bulbs can receive updates to the app as well as to the hardware itself. Check the settings using the device’s app to make sure these updates happen automatically; if you don’t find an automatic-update option, you may have to manually reboot the device on occasion (a monthly calendar reminder might help).

Don’t install sketchy software

Why: Every weird app you install on your phone and every browser extension or piece of software you download from a sketchy website represents another potential privacy and security hole. Countless mobile apps track your location everywhere you go and harvest your data without asking consent, even in children’s apps.

How: Stop downloading garbage software, and stick to downloading programs and browser extensions directly from their makers and official app stores. You don’t need half the apps on your phone, and getting rid of what you don’t need can make your phone feel faster. Once you clear out the apps you don’t use, audit the privacy permissions of what’s left. If you have an iPhone, open Settings and tap the Privacy option. On Android, head to Settings > Apps, and then tap the gear icon and select App Permissions. Here, you can see which apps have access to your location, contacts, microphone, and other data. Disable permissions where they don’t make sense—for example, Google Maps needs your location to function, but your notes app doesn’t. In the future, think about app permissions as you install new software; if an app is free, it’s possibly collecting and selling your data.

The same rules go for your computer. If you’re not sure what to delete from your Windows computer, Should I Remove It? can help you choose. (Yes, it’s more software, but you should delete it after you’re done using it.) Mac users don’t have an equivalent, but all software resides in the Applications folder, so it’s easy to sift through. If you find an app you don’t remember installing, search for it on Google, and then drag it to the trash to delete it if you don’t need it.

The Privacy Project

Technology has made our lives easier. But it also means that your data is no longer your own. We'll examine who is hoarding your information — and give you a guide for what you can do about it.

In Case of Emergency

Think ahead just in case you lose your phone or computer.

Lock down your phone in case you lose it

Why: You need to ensure nobody can get into your phone if you lose it or someone steals it. Smartphones are encrypted by default, which is great, but you still need to take a few steps to ensure your phone is properly locked down if it disappears.

How: You have two main defenses here. The first is to use a strong passcode alongside your biometric (fingerprint or face) login. The second is to set up your phone’s remote-tracking feature. If you haven’t taken the first step, set up a PIN number or pattern, and enable the biometric login on your phone. You can find these options on an iPhone under Settings > Face ID & Passcode or Touch ID & Passcode, and on an Android phone under Settings > Security and location.

Next, set up your phone’s remote-tracking feature. If you lose your phone, you’ll be able to see where it is, and you can remotely delete everything on the phone if you can’t recover it. On an iPhone, head to Settings, tap your name, and then go to iCloud > Find My iPhone. On an Android phone, tap Settings > Security & location and enable Find My Device.

Enable encryption on your laptop (it’s easier than it sounds)

Why: If you lose your laptop or someone steals it, the thief gets both a sweet new piece of hardware and access to your data. Even without your password, a thief can usually still copy files off the laptop if they know what they’re doing. If a stranger poked around your laptop, they might get a look at all your photos, say, or your tax returns, or maybe an unfinished bit of Game of Thrones fanfiction.

How: When you encrypt the storage drive on your laptop, your password and a security key protect your data; without your password or the key, the data becomes nonsense. Although encryption might sound like something from a high-tech spy movie, it’s simple and free to enable with built-in software. Follow these directions on how to set up encryption on both Windows and Mac.

Speaking of computer theft, if you store a lot of data on your computer, it’s worth the effort to back it up securely. For this purpose, Wirecutter likes the online backup service Backblaze, which encrypts all its data in a way that even the folks at Backblaze don’t have access to it.

The Importance of Paranoia

Ultimately, security and privacy are linked, so you need to get in the habit of protecting both. It might seem like a time-consuming, overwhelming headache, but once you follow these steps, all that’s left is to cultivate your judgment and establish good online behaviors.

Be suspicious of links in emails and on social media. Make your accounts private and don’t share anything you wouldn’t mind getting out anyway. Keep your main email address and phone number relatively private. Use a burner email account you don’t care about for shopping and other online activities; that way, if an account is hacked, it’s not linked to an important personal account, like that of your bank. Likewise, avoid using your real name and number when you have to sign up for a service you don’t care about, such as discount cards at a grocery store (your area code plus Jenny’s number usually gets you whatever club-card discount a retailer offers). Don’t link together services, like Facebook and Spotify, or Twitter and Instagram, unless you gain a useful feature from doing so. Don’t buy Internet of Things devices unless you’re willing to give up a little privacy for whatever convenience they provide.

Once you settle into a low-key, distrustful paranoia about new apps and services, you’re well on your way to avoiding many privacy-invading practices.

Keep Reading about Digital Data's Impact

Which of the following actions helps you protect credentials?

Correct Answer: Set a strong password.

Which of the following are considered good practices for password security?

The longer a password is, the better. Use at least 16 characters whenever possible. Make passwords that are hard to guess but easy to remember. To make passwords easier to remember, use sentences or phrases.

Which of the following is the most effective way to store confidential company information?

Encryption is the most effective way to protect your data from unauthorized access.

Which of the following are popular types of multifactor authentication?

Three Main Types of MFA Authentication Methods Things you know (knowledge), such as a password or PIN. Things you have (possession), such as a badge or smartphone. Things you are (inherence), such as a biometric like fingerprints or voice recognition.