If one asked half a dozen people if they knew about the security settings of their software programs, email systems, and social network accounts, six of them would not be 100% sure. Sounds like a joke, right? While this may be an exaggeration, the vast majority of people are not fully informed about their security settings or how to manage them to make themselves less vulnerable to privacy violations.

According to Adweek, a digital media network, Internet users have no idea how to protect their privacy online. The concern about privacy and the actions users take to protect their privacy is way out of sync. Adweek reports that a Trend Micro survey that included over 2,000 Internet users reveals that, while users want more privacy, they do not take the very basic steps that ensure stuff privacy. If you’re reading this article, there is a chance that you might have already been impacted by an online privacy violation, or that you’re merely taking precautions. Here are some shocking statistics that emphasize the gravity of the problem and what could be done about it.

Security Settings Password

No Passwords or Extremely Weak Passwords

As Trend Micro’s survey showed,  40% did not use any passwords at all on devices such as computers, laptops, or smartphones. In case they do use passwords, many passwords are so weak that they are almost useless.

In 2013, Adweek reported the discovery of a hacker database with two million compromised user accounts. A SpiderLabs analysis of the two million stolen passwords shows how predictable and vulnerable the top ten password choices are:

  1. 123456 chosen by 15,820 people
  2. 123456789 chosen by 4,875 people
  3. 1234 chosen by 3,135 people
  4. password chosen by 2,212 people
  5. 12345 chosen by 2,094 people
  6. 12345678 chosen by 2,045 people
  7. admin chosen by 1,991 people
  8. 123 chosen by 1,453 people
  9. 1 chosen by 1,224 people
  10. 1234567 chosen by 1,170

Moreover, the runner-up that did not make the list was “111111” chosen by 1,046 people.

Looks scary, right? The shocking thing is these are the most popular passwords of all time. If you are using such passwords anywhere on any device or system, change them immediately! Someone could be violating your online privacy right now.

Think about your current security settings. The first step is to use a complex password.

How to Create Easy-to-Remember Complex Passwords

SpiderLabs recommends using four common, yet unrelated words. The example they give is “correct horse battery staple.” (Hint: DO NOT use that one!) Select four different unrelated but simple words that you can surely remember afterwards.

Do not use the same password for all the accounts you hold on different websites. An easy way to do this is to place the website name somewhere between the four words. It’s much better to put it in the middle somewhere than at the beginning or at the end of the password. Using the same example, the password could be used on Facebook as “correcthorsefacebookbatterystaple” and then on Gmail as “correcthorsegmailbatterystaple.”

This is an easy-to-remember way to manage passwords and have them all long and different. If the website password policy requires using lower and upper case letters, numbers, and special characters, then you should capitalize two letters in the website name, use a number after it, and substitute the letter “s” with a dollar sign “$.”. Using our example these passwords would be “correcthor$eFaceBook1battery$taple” and “correcthor$eGMail1battery$taple.” These long complex passwords are incredibly difficult to break using hacker techniques, where the computer tries every combination until it gets it correct. At the same time, they are easy to remember.

System Security Settings

According to Adweek, 28% of the survey respondents allowed mobile apps access to their social media profiles. Social networks are notorious for not being secure, so giving mobile apps routine access to social media profiles is a big mistake.

Every popular Internet-based system has a default security setting, allowing users to modify settings to their choice. Relying on the default security setting may cause unnecessary exposure, and certainly does little, if anything, to protect privacy. In this situation, we are concerned with both privacy from other Internet users and privacy within the system itself. Unless a person wants the whole world to know who they are, where they are, what they are doing, and whom they are doing it with at all times, it is more prudent to set the security settings for better privacy protection.

Here are the instructions to improve security settings for Facebook, Google, Google Chrome browser, Gmail, and Mozilla Firefox browser:

Facebook Security Settings

Kim Komando gives you twenty simple steps to make tighten your Facebook account security settings.

  1. Log into your account
  2. Click on the arrow in the upper right corner; choose ‘Settings’ from the drop-down menu.
  3. This opens the general settings page where the password can be changed according to our recommendations above. Change the password if necessary. An additional recommendation is not to use the same username on social media as used for an email address. Using the same word or name makes it extremely easy to find a person.
  4. Click ‘Security’ in the left column to open the Security Settings.
  5. Turn on ‘Login Notifications’ to receive alerts if any login comes from an unknown device.
  6. Login Approvals is an option that requires confirmation using a text code sent to a mobile phone if any new computer or device attempts to log in to the account. Please note many users do not like sharing mobile phone numbers with Facebook, so think about this before doing it. If you have a mobile phone and don’t mind sharing the number with Facebook, select this feature. If your password is stolen, the hacker will also need to have your mobile phone to gain access to your account.
  7. Review the browsers listed under ‘Trusted Browsers’. Remove any devices to which you no longer want to have easy access, or check ‘Where You’re Logged In’ to allow access from only the computer currently being used. This prevents access from any logged-in device that you might have forgotten about at a public library or elsewhere. Perhaps someone might have access to these devices and could try logging in.
  8. Select the Privacy settings. Go to ‘Who can see my stuff?’, and set ‘Who can see your future posts to ‘Friends’. Under the ‘Limit Past Posts’ section use the ‘Limit Old Posts’ so that only your Facebook friends can see them as well.
  9. Select ‘Who can contact me?’, and choose only ‘Friends of Friends’ under ‘Who can send you friend requests?’. unless you want to let strangers contact you, who could be old friends.
  10. Select ‘Who can look me up?’ Choose ‘Friends’ in both places, and then ‘No’ to prevent strangers from searching for you. This also blocks old friends from looking for you.
  11. Under Timeline and Tagging chose ‘Friends’ or ‘Only Me’ for ‘Who can add things to my timeline?’
  12. Change ‘Review Posts’ to ‘On’ to have a chance to review any post you get tagged in before others can see it.
  13. ‘How can I manage tags people add and tagging suggestions?’ should be set to ‘On’ and ‘Only Me’ so that any items that have your tag are not automatically visible. This also means that you have to approve photos your friends tag you in in order for the tag to appear to others.
  14. Set ‘Who Can Follow Me’ to ‘Friends’, unless you want the public to be able to follow your news feed.
  15. Review and delete any apps under ‘Apps You Use’ that you do not want to have access to your Facebook profile information. To turn them all off, set ‘Use apps, plugins, games, and websites on Facebook and elsewhere?’ to ‘Off.’
  16. Review ‘Apps others use’, and uncheck every box to stop friends from having apps that they permit to share your information.
  17. Turn ‘Instant Personalization’ to ‘Off’.
  18. Under Ads, set ‘Third Party Sites’ to ‘No One’ to prevent Facebook from sharing information about you with other advertisers.
  19. Under ‘Ads and Friends’, change ‘Pair my social actions with ads for’ to ‘No One’.
  20. For ‘Website and Mobile App Custom Audiences’, choose ‘Opt out’.

There you go! Now that we have made sure your Facebook security settings are fully tightened against potential violations, let’s take a look at how you can do the same for Google and Mozilla Firefox.

Google Security Settings

Google makes it easy to set security settings, and this works across all Google services.

  1. Sign in to a Google account (repeat this process if you have more than one).
  2. Go to https://www.google.com/settings/security
  3. Review the security settings and change them, as you desire.

Google Chrome Security Settings

  1. Click the Chrome menu on the browser toolbar (it looks like three parallel horizontal lines and is in the upper right-hand corner of the browser).
  2. Choose Settings.
  3. Choose Show Advanced Settings.

Here you can choose the Phishing and Malware protection setting, which blocks bad websites (already the default setting is to block them), as well as settings for SSL and web content. Make sure you know what you are doing or seek some help first.

Gmail Security Settings

If you already did the Google security setting procedures above, then your Gmail security settings have already been fixed. If not, then here are the procedures again:

  1. Sign in to a Google account (repeat this process if you have more than one).
  2. Go to https://www.google.com/settings/security
  3. Review the security settings and change them, as you desire.

There is also a Gmail security checklist to follow to make sure everything is set properly as you want it to be set for security.

Mozilla Firefox Security Settings

On this Mozilla Support webpage, there are explanations and step-by-step procedures on privacy and security setting options when using the Mozilla Firefox browser.

In summary

Personal security and privacy protection are both areas where Internet users need to be very proactive. As was seen with all the recommended changes by Kim Komando for Facebook listed above, the default settings in some of these systems create risky exposure that users may be completely oblivious to. If these guidelines have prompted you to check and double-check your security settings, consider yourself lucky to be one of the not many Internet-savvy surfers of the web who are well-informed about their social networking privacy.