You should also install the HTTPS Everywhere extension. HTTPS Everywhere automatically directs you to the secure version of a site when the site supports that, making it difficult for an attacker — especially if you’re on public Wi-Fi at a coffee shop, airport or hotel — to digitally eavesdrop on what you’re doing.
Some people may want to use a virtual private network (VPN), but it’s not necessary for everyone. If you frequently connect to public Wi-Fi, a VPN is useful because it adds a layer of security to your browsing when HTTPS isn’t available. It can also provide some privacy from your internet service provider and help minimize tracking based on your IP address. But all your internet activity still flows through the VPN provider’s servers, so in using a VPN you’re choosing to trust that company over your ISP not to store or sell your data. Make sure you understand the pros and cons first, but if you want a VPN, Wirecutter recommends IVPN.
4. Don’t install sketchy software
Why: Every weird app you install on your phone and every browser extension or piece of software you download from a sketchy website represents another potential privacy and security hole. Countless mobile apps track your location everywhere you go and harvest your data without asking consent, even in children’s apps.
How: Stop downloading garbage software, and stick to downloading programs and browser extensions directly from their makers and from official app stores. You don’t need half the apps on your phone, and getting rid of what you don’t need can make your phone feel faster. Once you clear out the apps you don’t use, audit the privacy permissions of what’s left. If you have an iPhone, open Settings and tap the Privacy option. On Android, head to Settings > Apps, and then tap the gear icon and select App Permissions. Here, you can see which apps have access to your location, contacts, microphone, and other data. Disable permissions where they don’t make sense — for example, Google Maps needs your location to function, but your notes app doesn’t. In the future, think about app permissions as you install new software; if an app is free, it’s possibly collecting and selling your data.
The same rules go for your computer. If you’re not sure what to delete from your Windows computer, Should I Remove It? can help you choose. (Yes, it’s more software, but you should delete it after you’re done using it.) Mac users don’t have an equivalent, but all software resides in the Applications folder, so it’s easy to sift through. If you find an app you don’t remember installing, search for it on Google, and then drag it to the trash to delete it if you don’t need it.
5. Use antivirus software on your computer
Why: Viruses might not seem as common as they were a decade ago, but they still exist. Malicious software on your computer can wreak all kinds of havoc, from annoying pop-ups to covert bitcoin mining to scanning for personal information. If you’re at risk for clicking perilous links, or if you share a computer with multiple people in a household, it’s worthwhile to set up antivirus software, especially on Windows computers.
How: If your computer runs Windows 10, you should use Microsoft’s built-in software, Windows Defender. Windows Defender offers plenty of security for most people, and it’s the main antivirus option that Wirecutter recommends; we reached that conclusion after speaking with several experts. If you run an older version of Windows (even though we recommend updating to Windows 10) or you use a shared computer, a second layer of protection might be necessary. For this purpose, Malwarebytes Premium is your best bet. Malwarebytes is nonintrusive, it works well with Windows Defender, and it doesn’t push out dozens of annoying notifications like most antivirus utilities tend to do.