Worst Author’s top 7 things to protect yourself on the internet.
These are my top seven ideas that you need to consider for protecting yourself on the internet. This covers passwords, Wi-Fi, two-factor authentication, backups, phishing emails, and your name as your email. My list is from my experience and not focused on selling the products I talk about.
Some of this list is the same as other blogs because they are important. My non-typical items are identified with [WA] after the heading.
My perspective is that of a nonprofessional but interested hacker. For my book (Pandemic Hacker) I started with hacking knowledge and then spent time researching the latest. Below is a list of content creators who provided videos explaining concepts. You should check them out and subscribe for their latest content.
If you like this blog the best way you can help is to put a link to this page on a website, or social media post. I do have affiliate marketing links, but they don’t generate enough to pay for this website’s costs. Consider providing a tip via the links at the bottom.
I have intentionally selected a few videos that pertain to discussions in the book. The creators and video links are at the bottom.
Worst Author’s top 7 things to protect yourself
Here are my top seven things to consider that will help protect you and your data on the internet.
Wi-Fi Password
Your Wi-Fi password or passwords in general are not strong enough. Look at the password-cracking videos and hacking videos. There is a video below about Wi-Fi password cracking.
Wi-Fi is your network. If someone can get into your network, they can access everything connected inside your house. Your computers, phones, and tablets. This includes your home devices like your thermostat, smart speakers, and lights.
Your Wi-Fi password is only entered into a device once so having a long and strong password should not be an issue. In addition, I make a QR code for my Wi-Fi network so that new devices with a camera can simply scan the code. I used an online QR code generator to create this example:
SSID: WorstAuthorNetwork, Password: Worst#Dumm$Password%
To make the point about needing a strong password, take a look at the password-cracking videos and hacking videos. Links to videos:
- I will own your WiFi with one Kali Linux command
- Wi-Fi password hack: How to hack into WPA Wi-Fi and WPA2 | Free Cyber Work Applied series
- Cracking WiFi WPA2 Handshake
- Best WiFi Hacking tools: Airgeddon, Kismet, Raspberry Pi, and Kody's favorite wifi tools
Recommendation: Use a password generator to create a strong Wi-Fi password. Then create a QR code (google search) so all your devices with a camera can simply scan the password.
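The recommendation above can be done entirely on your own computer, so the Wi-Fi password never passes through a generator or QR website. This is an added example, not code from this blog; the alphabet and the 32-character default are assumptions, and the WIFI: text layout is the convention phone cameras read from a QR code.

```python
import math
import secrets
import string

# WPA2/WPA3-Personal passphrases are 8 to 63 printable ASCII characters.
WPA_MIN, WPA_MAX = 8, 63
# Assumed alphabet: omits ; , : " \ so generated passwords need no escaping.
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@^_"


def generate_passphrase(length=32):
    """Random passphrase from ALPHABET, drawn from the OS CSPRNG."""
    if not WPA_MIN <= length <= WPA_MAX:
        raise ValueError("WPA passphrase must be 8-63 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Bits an attacker must search when guessing a random passphrase."""
    return length * math.log2(alphabet_size)


def escape_field(value):
    """Backslash-escape characters that are special inside a WIFI: payload."""
    return "".join("\\" + ch if ch in '\\;,":' else ch for ch in value)


def wifi_qr_payload(ssid, passphrase):
    """Text to encode as a QR code so a phone camera offers to join."""
    if not WPA_MIN <= len(passphrase) <= WPA_MAX:
        raise ValueError("WPA passphrase must be 8-63 characters")
    return "WIFI:T:WPA;S:{};P:{};;".format(
        escape_field(ssid), escape_field(passphrase))


if __name__ == "__main__":
    # The page's own sample network, then a freshly generated replacement.
    print(wifi_qr_payload("WorstAuthorNetwork", "Worst#Dumm$Password%"))
    new_pass = generate_passphrase()
    print(wifi_qr_payload("WorstAuthorNetwork", new_pass))
    print("about %d bits of entropy" % entropy_bits(len(new_pass)))
```

Feed the printed payload to a QR encoder that runs on your own machine, then print the code and keep it somewhere guests can scan it.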
Password Security – Make sure the most critical password is strong [WA]
Every website wants a separate password that follows their rules, EVERY ONE. How do you remember them all? You don't; you store them in your browser or an application. You have changed the critical point of failure to one password: the password that stores all your other passwords. And those websites don't care; it is not their policy that caused a weak password to be cracked.
Every browser, plus major vendors (Apple, Google, Microsoft, Norton) will manage all your passwords for you. Linux has password managers you can set up; I have done this on Ubuntu Linux.
If you are like me and use multiple browsers, you have to deal with password managers on each. When you change a password on one, the next time you use another browser the password has to be remembered, looked up, or changed again. One answer is to only use one browser, except when a website tells you they don't support your browser, or they prefer another browser.
Biometrics are convenient and you can't change them, so no one will ask you to change them. They all use normal passwords to set them up and as a backup. They don't solve the problem.
To have one place as my reference I use an open-source tool (KeePass). It has a strong password and it works on my phone and my laptop. I have not created a comparison of different password managers. I have used KeePass for several years and I am not interested in putting in the work to change.
Major websites are not interested in changing their process because no one is complaining about this situation. Until websites hear a rebellion from customers they won't change.
Recommendation: Decide on a password manager and use a strong password on that primary place, then live with this chaos.
You should use two-factor authentication
Having two-factor authentication requires two methods to validate your attempt to log in. The second factor can be a text message to your phone, an email, or an application on your device. No security features are perfect, but I don’t need to be perfect. If I am harder to hack than someone else the bad guys will go after them first.
I use two applications, Authy and Microsoft Authenticator. I use the Microsoft application for my Microsoft accounts. It has a feature where you simply verify it is you logging in by confirming a number. It works well. Here are links to Apple, Google, and Microsoft app stores.
The second application is called Authy. It has applications for your phone and desktop. The application will back up all your settings and website information. The best part is you can have multiple devices with the same two-factor authentication setup. Your laptop, tablet, and phone can all have the application installed. This means when you log in to a website with two-factor authentication you don’t have to find your phone. Just open the application on the current device. Links to app stores Apple, and Google. Windows download.
Recommendation: Get a two-factor authentication app and use it, especially for websites with sensitive information.
Backup the important data – not everything
The important data that you keep on your laptop, phone, or tablet you consider important for a reason. I am not talking about everything you put into your documents folder. Just the important items. You can use a backup program to protect your system, which is good. You can pay for a service that will back up everything important.
I am focusing on the documents on your system that you want to never lose and share across devices. The major players all have a cloud storage option you can use. iCloud for Apple, Google Drive, and OneDrive for Microsoft. On Windows, all of these cloud storage folders can appear in Windows Explorer, just like other folders.
I have all three on my systems. I use them to sync and back up my documents folder. Just as an FYI, because I know the space is large but limited for these cloud storage options, I only put important files in my documents folder. For others, like downloaded install programs, I use storage shared on my network. I won’t go into detail about network sharing in this blog.
Once you install the application on your device the setup process is pretty simple. The default for these programs is to back up or sync your documents folder. You can add additional folders if you want. Now you don’t need to think about doing backups, it just happens.
My Windows Explorer shows iCloud, Google Drive, and OneDrive as options on the left selection bar. They look like any other folder, except the data is synced to the cloud automatically. If I change the source file for this blog it will automatically be updated on those services.
I believe that iCloud is available on all Apple devices without needing an installation. For Windows, I believe it is available but may not be active or installed. Links to the applications:
Apple Store (for iOS): Google Drive, OneDrive
Google Store (for Android): iCloud, Google Drive, OneDrive
Microsoft (for Windows): iCloud, OneDrive
Desktop download: Google Drive
Put your home devices on a separate network [WA]
Today almost everyone has some kind of 'home' device. This refers to doorbells, speakers, lightbulbs, etc. Most of them use Wi-Fi (there are other options I won't explore). It is complicated to set up these devices. They all have a different process, usually using an application on your phone. Now try and change or update that password. It sucks!
If you have a weak password (see number 1 above) you need to change all connected devices. It will be very painful to change all those home devices to the new password. However, you don't want to have your home network, with your computers, easily hackable.
There is a new Wi-Fi standard called Wi-Fi 6. With it, you get faster speed and more security for your network. It has new encryption (WPA3) which is what you want to use if your devices will support it. Home devices don't support WPA3 today, and it will take some time before they support WPA3.
What I did to improve my network was to change my router setup without having to update all those home devices. I purchased a new Wi-Fi 6 router (my affiliate link: shop Amazon). I connected computers, tablets, etc. to the new router and left the home devices on the old router. I purchased a TP-Link router and did the following setup:
Take your current router and turn it off. You will still use this router, but only for your home devices.
Install a new Wi-Fi 6 router, completely replacing your current router. That means moving all the network wires from your old router to the new router. Don’t move the power cord. Follow the directions to set up the new router Wi-Fi. You need to have a new network name and password. Note: you want to keep the old router with the old network name, so all the home devices still work.
If you turned the old router off, turn it back on. Plug a network wire from the WAN port of the old router into a LAN port on the new router.
You have now updated your main Wi-Fi. You still must change the passwords on your phones, tablets, and computers to the new password. The home devices are still on their old Wi-Fi settings and working. The key point is your computers, and those devices are now on separate networks.
Details: Using the default IP address range on both routers could cause an issue. I manually changed mine to avoid this, then found out my router would automatically detect and fix this. If you have an issue, search your router vendor's technical support.
Recommendation: Upgrade your main house router to Wi-Fi 6 and keep your old router for all your home devices.
Watch out for phishing emails - You Won!
If you receive an email that says you won something and it is from a company you have never logged in to or purchased something from, it is a phishing email. If the email has the words "you won" or "you qualified", then DON'T CLICK any links until you check. Simple questions to ask include:
Is the email address correct for the company or is it different, misspelled, or just looks weird?
Is the email from a company you have done business with before? If the email is from a company you have never done any business with, why would they send you an email that you won anything, and how do they have your email?
The more difficult situation will be a company you have done business with, where on a first check everything looks good. Next, I will look at the details they provide in the email. Is it specific about what you have won and how to redeem it, written in the email itself? If it has very little information, simply how or where I can redeem the prize, I will look deeper. If there are no real details, simply that you won and a link to click for more details, I would not click on the link.
If the email is real and you actually won, you can search online for the company giveaways. They won't simply talk about the contest in emails and nowhere else. I still would not click the link. I would go to the company website and look for the contest and how to redeem the prize.
While it is annoying, having a website ask you to log in to get details is the safest way for you to communicate with the company.
There are scammers constantly trying different email content to see what will make people click. They want you to click on a link to get you to a web page that will load bad stuff and provide your details. They will then know to try harder to get you to click.
Recommendation: If you think you have won, don't use the links in the email. Use your browser to go to the company website. Log in to the system and look for a message that you won. A real prize from a real company will provide the information when you log in. They have the email they used to send you the message.
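The first two questions in this section (is the sender address right for the company, and is it a company you have dealt with) can be checked mechanically. This is an added example, not code from this blog; the list of known domains and the sample From lines are constructed, and the edit-distance threshold of 2 is an assumption.

```python
from email.utils import parseaddr

# Constructed list: domains of companies you have actually done business with.
KNOWN_DOMAINS = {"shop.example", "bank.example"}


def edit_distance(a, b):
    """Levenshtein distance: how many single-character edits turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def classify_sender(from_header, known=KNOWN_DOMAINS):
    """Return 'known', 'lookalike' or 'unknown' for a From: header value."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if not domain:
        return "unknown"
    # Exact match or a real subdomain of a company you deal with.
    if any(domain == g or domain.endswith("." + g) for g in known):
        return "known"
    for g in known:
        misspelled = edit_distance(domain, g) <= 2   # e.g. sh0p.example
        embedded = g in domain                       # known name inside another domain
        name_claims = g in display.lower()           # display name shows a known address
        if misspelled or embedded or name_claims:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    samples = [  # constructed From: lines
        "Shop <orders@shop.example>",
        "Shop Prizes <winner@sh0p.example>",
        "Shop <winner@shop.example.prizes.test>",
        '"orders@shop.example" <winner@prize-claims.test>',
        "Giveaway <promo@giveaway-central.test>",
    ]
    for line in samples:
        print("%-10s %s" % (classify_sender(line), line))
```

A "known" result only answers the address questions; the advice above to go to the company website yourself instead of clicking still applies.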
Don’t use your name as your email [WA]
People trying to perform identity theft need to get as much detailed information about you as possible. If the only email you have is your name or includes your full name, you are giving them the first piece of information they need.
Getting email accounts is easy. Get several, each set up for a specific purpose. Have one for legal emails, this may have your name. Have a different one for work. Another is for signing up for websites that will spam you. Every website wants you to register. They want your information to email you marketing materials, or to sell your email to spammers. With your email, they can send you emails that could get you to buy something and they will get paid.
By the way, I don’t sell emails to anyone who registers on this site.
I have multiple email addresses. There is one with my name for specific needs. I use it on LinkedIn, applying for a job, and legal paperwork with the government. An email with your name is not required for government emails.
I have several others that don't include my name - AKA WorstAuthor. They are used for different purposes.
You can even get temporary emails that only exist for a few hours. You use it to sign up for a website then never use it again. You can even get temporary emails that you use only once.
Your email client, on your phone, and on your computer can show you multiple email accounts. My system will show emails regardless of which email address they were sent to, all in one list.
I am working on a separate blog about getting and using multiple emails. Stay tuned.
Recommendation: Create multiple emails without your name. You can use any pattern you want. superjedibob, superjediwill, awsomedancer, bestchillie. Use numbers, 6 for G and 1 for 'I' to make email addresses. The more unusual the more likely you can sign up on the major sites.
Want to know a little more about Author? Try this page.
Youtube ethical hackers I follow:
Name | Youtube Link |
David Bombal | https://www.youtube.com/c/DavidBombal |
John Hammond | https://www.youtube.com/c/JohnHammond010 |
Kody Kinzie | https://www.youtube.com/c/SecurityFWD |
NetworkChuck | https://www.youtube.com/c/NetworkChuck |