A Guide to Protecting Yourself Online

On Wednesay October 28th, Skidmore partnered with PEN America and the Freedom of the Press Foundation to deliver a digital safety self defense workshop as an installment of the second annual Skidmore Speaks event. Led by Viktorya Vilk (from PEN America) and Harlo Holmes (from Freedom of the Press Foundation), the workshop was designed as an interactive experience for Skidmore students, faculty, and staff to learn how to audit their online presence and better protect their personal information against  hacking, impersonation, message bombing and doxing. 

At the beginning of the online workshop, Vilk explained that her work aims to empower journalists and newsrooms to defend themselves against online abuse with the overarching goal of advocating for creative online freedom. In the same way, Holmes helps various media organizations and journalists to secure their online communications. 

This semester, there have been multiple instances of Skidmore students being doxed, which involves an individual’s private information being shared online without their permission, as well as being subject to online abuse. Ultimately, online abuse is often pervasive, severe, and extremely upsetting for the targeted individual or group. And in particular, those that identify as women, LGBTQIA+, and/or BIPOC are more likely to receive online harassment. Thus, it is incredibly valuable for the Skidmore student body to be aware of strategies that can help them protect their social media accounts and online persona. 

The majority of the live digital safety workshop involved Vilk and Holmes delivering anti-abuse tactics. In general, they stressed the importance of practicing password hygiene, which refers to diversifying and lengthening your passwords across your online accounts, along with getting in the habit of using encryption services for sensitive communication. In addition, they advocated for keeping your software and apps up to data, as well as regularly ‘doxing yourself’ (searching your name on multiple search engines) to stay aware of what information of yours is out there. 

For Skidmore students, it is most valuable to know how to protect your social media accounts from potential doxing or online harassment. With this in mind, I created the following guide to protecting yourself online, in the hopes of relaying the knowledgeable advice of Vilk and Holmes. 

What are some tips to help me enhance my general cyber security?

Keep your software and mobile apps updated! 

Why? The updates are made to fix any security bugs in the system’s software!

Get a password manager!

What is a password manager? A service that automatically generates secure passwords and saves them for you! 

What are some options? Some popular options are LastPass, DashLane, 1Password!

Practice password hygiene!

Tips: Create a different password for every account! Have at least 16 characters with some #s or symbols! Invent security questions with answers that cannot be found about you through a quick Google search!

Always set-up Two-Factor Authentication (2FA) on your social media accounts!

Why? This is one of the best things you can do to protect yourself online, as it requires authentication through a one-time code whenever there is an attempted login to your account!

Prevent SIM jacking!

How? Call your mobile provider and ask that a PIN be placed on your account, as this will prevent any possible impersonation by SIM hackers! Find more information here!

Check if your data has been breached by any major companies!

How? Check out this website! If your data has been breached, change your password for that affected account immediately! 

Practice “self-doxing!” 

Periodically google yourself to check what private or sensitive information has been published about you! You can also set up google alerts that will inform you if any of your information is newly released!

How do I protect myself on Instagram?

  • Set up a strong, unique password (Settings → Security → Password) 

  • Enable two-factor authentication (Settings → Security → Two Factor Authentication) 

  • Review where you are logged in and delete any unfamiliar sessions (Settings → Security → Login Activity) 

  • Deny unauthorized applications that are linked to your account (Settings → Security → Apps and Websites) 

  • Turn on manual tag approval (Settings → Privacy → Tags) 

  • Set account to private (if you do not want to use it as a professional account (Settings → Privacy → Account Privacy)

  • Disable contact sync (Settings → Account → Contacts Syncing) 

How do I protect myself on Twitter?

  • Restrict any private info available in your profile (i.e. set up your birthdate to “Only You”) (Profile → Edit Profile) 

  • Set up a strong, unique password (More → Settings and privacy → Account → Password) 

  • Enable two-factor authentication (More → Settings and privacy  → Account → Security → Two factor authentication) 

  • Enable password reset protection (More → Settings and privacy → Account → Password reset protect) 

  • Review where you are logged in and apps linked to your account and delete any unfamiliar sessions or unauthorized apps (More → Settings and privacy → Account → Apps and sessions) 

  • Limit who can see your tweets (More → Settings and privacy → Privacy and safety → “Protect your tweets”) 

  • Disable or restrict photo tagging (More → Settings and privacy → Privacy and safety → Photo tagging) 

  • Restrict direct messaging (More → Settings and privacy → Privacy and safety → Direct messages) 

  • Disable contact sync (More → Settings and privacy → Privacy and safety → Discoverability and contacts) 

  • Disable precise location information (More → Settings and privacy → Privacy and safety → Precise location) 

  • Turn off targeted ads and personalization (Personalization and data → Toggle off)

How do I protect myself on Facebook?

  • Restrict any private info available in your profile (Menu → See your Profile → … → View as → Edit profile) 

  • Set up a strong, unique password (Menu → Settings and privacy → Settings → Security and Login → Change Password) 

  • Enable two-factor authentication (Settings and privacy  → Settings → Security and Login → Use Two-Factor Authentication) 

  • Review where you are logged in and delete any unfamiliar sessions (Settings and Privacy → Settings → Security & Login → Where You’re Logged In) 

  • Turn on login alerts (Settings & Privacy → Settings → Security & Login → Setting Up Extra Security) 

  • Decide who can see your future posts, past posts, and the people, pages, and lists you follow (recommended: friends) (Settings & Privacy → Settings → Privacy Settings → Your Activity)

  • Turn off location services and location history (Settings & Privacy → Settings → Location)

  • Turn off Off-Facebook Activity tracking and clear history (Settings & Privacy → Settings → Off-Facebook Activity)  

  • Turn off / Don’t allow ad preferences (Settings & Privacy → Settings → Ad Preferences → Ad Settings (go through each one)) 

  • Turn off upload contacts (Settings & Privacy → Settings → Upload Contacts (under (Media and Contacts))

For a more comprehensive guide of social media audits, including privacy adjustment suggestions for LinkedIn, please see this one organized by PEN America. 

Additional Resources?

Pen America’s Online Harassment Field Manual 

Why You Should Dox Yourself (Sort Of), written by PEN America for Slate

What to Do if You’re the Target of Online Harassment, written by PEN America for Slate and HBR 

HeartMob (to report online abuse/harassment)