Chapter 23

Ten Chromebook Security Tips

IN THIS CHAPTER

Bullet Protecting your online accounts with stronger passwords and multifactor authentication

Bullet Improving network security

Bullet Preventing theft of your Chromebook

Bullet Keeping prying eyes away with a privacy filter

Cybercriminals are making good money, but I want to make sure that they don’t get any of yours! Having a Chromebook is a great start because the design of Chrome OS — the heart and soul of a Chromebook — has security strongly in mind. The nature of cybercrime makes it necessary for you to be vigilant, even when using the most secure laptop available. The tips in this chapter can help keep you and your data safe.

Lock Your Chromebook when You’re Away

Whenever you’re working on your Chromebook where other people are around, an excellent habit to get into is to lock it when you step away, even for a minute or two. You can easily lock it; Chromebooks give you not one, not two, but three ways, as follows:

  • Briefly press the Power button and then click Lock.
  • Open the Settings window and click the Lock symbol.
  • Press the Lock key on your keyboard.

Use Strong, Complex Passwords

The top ten passwords in use in 2019 are 123456, 123456789, qwerty, 12345678, 111111, 1234567890, 1234567, password, 123123, and 987654321. The next ten are just as lame.

Using such passwords is just laziness, and user accounts with weak passwords like these are broken into a lot. Using stronger, complex passwords isn’t difficult. Here are some examples of better ones (but don’t use these because they’re in a published book now):

  • ST4R.wars (Star Wars)
  • Loosie.IN.the.sky-withDiamonds (Lucy in the Sky with Diamonds)
  • Run-Forr35t-Run! (Run Forrest Run!)
  • Sea-Sp00t-Run (See Spot run)

The idea is to think of a phrase and then devise some consistent way of misspelling it that you can remember.

You need to use a different password on each site you use. Here’s why: If cybercriminals can successfully break into a website’s user IDs and passwords database (which happens often), and if you use the same user ID and password everywhere you go, the cybercriminals who stole these credentials can easily log in to all the websites you use frequently. If this includes online banking or other sites on which you buy or sell, you’re in big trouble.

Use complex passwords on your websites, and a different password on each site, is a lot to remember — so read the next tip.

Use a Web-Based Password Vault

Maintaining security isn’t easy. Using different passwords on each site is definitely the way to be more secure, but remembering all those passwords can be challenging. The good news is you don’t have to.

Some trusted, high-quality password vaults are available. These securely store your login credentials so that you don’t need to remember them all. Some of these vaults can even automatically enter your login credentials when you log in. How cool is that!

The best password vaults are LastPass (at www.lastpass.com), Keeper (at www.keepersecurity.com), and Dashlane (at www.dashlane.com).

Use Multifactor Authentication Everywhere You Can

One of the biggest threats on the Internet involves the theft of login credentials for popular websites. Even if Chrome OS is resistant to attack, hackers use malicious browser extensions that are designed to steal user IDs and passwords when you type them in. Also, cybercriminals directly attack popular website databases and, if they can break in, often they go for encrypted password databases and attempt to decrypt them. If they do, they have the user IDs and passwords for many — or all — of the site’s users!

Using multifactor authentication is generally pretty easy. When you log in to a website, the website sends a code to your smartphone, and you type in that code to log in. Even if hackers can obtain your user ID and password, they can’t log in because they don’t have your smartphone as well.

Be on the lookout on your social media, financial services, medical, and other websites where sensitive information about you resides. When you see information about activating multifactor authentication (sometimes called two-factor authentication), please consider enabling it. You’ll thwart cybercriminals, and your data will be a little bit safer.

Get a Screen Privacy Filter

If you work with confidential information on your Chromebook, and do so frequently in public places, you might consider getting a screen privacy filter. It helps to keep prying eyes that glance at your screen from seeing what you’re up to. When using a privacy filter, you can clearly see the screen, but people to your left and right just black when they look at your screen. Keep your business information, or those cat videos, to yourself!

Block Malicious Websites with an Antimalware Program

Chrome OS is quite robust and resistant to the kinds of attacks that have plagued Windows computers for decades. Still, hazards are out there, and most of the attacks you face are attacks on your browser in the form of malicious extensions and websites that attempt to steal your data.

Security programs like AVG Online Security or McAfee Endpoint Security are available from the Google Web Store. They are purpose-made for Chromebooks and help protect you from known malicious websites and other threats.

Update the Security on Your Wi-Fi Access Point

You’re only as secure as the Wi-Fi network you usually use. If you have a new Chromebook and your Wi-Fi access point (which might be doing double-duty as your cable modem or DSL modem) is old, you might consider replacing it with a newer one.

The two most important security settings to look at on your Wi-Fi access point are the type of encryption (which is usually none, WEP, WPA, or WPA2 — pick WPA2!) and the default password. Be sure to read the instructions for your Wi-Fi access point carefully. Visit the Wi-Fi access point manufacturer’s website for help. You might also pick up a copy of Networking For Dummies, 11th Edition, by Doug Lowe (Wiley) for more information on securing and customizing your home Wi-Fi network.

Back Up Your Local Data

With ordinary use of your Chromebook, most of the data you create and deal with is stored by Google “in the cloud,” where it is available on all of your Google-enabled devices. Still, you might have local data that matters to you. The best way to find out is to open the Files app and see what data is stored locally. Anything in the Downloads, Images, Audio, or Video folders might exist only there and nowhere else. If this is the case, and you care about any of these files, it’s best to copy them to your Google Drive: Just drag and drop your files to it — into separate folders if you want.

Alternatively, you can back up these files to an external hard drive or SD card if you prefer to maintain complete control over this data. Either way, backing up your local data is easy and takes only moments.

Use a VPN If You Use Public Wi-Fi Routinely

If you frequent Wi-Fi networks at coffee shops, hotels, airports, and other public places, I recommend that you subscribe to a VPN service. As discussed in Chapter 18, getting a free VPN service is likely to do more harm than good. Instead, go with one of the leading VPN services, such as Nord VPN, Encrypt.me, ExpressVPN, or Cyberghost VPN.

VPN software encrypts all your Wi-Fi network communications so that snoopy people can’t eavesdrop on any of your communications on a public Wi-Fi network. This issue is less important at home where, hopefully, your Wi-Fi access point is configured to use WPA or, better yet, WPA2, which encrypts your network traffic at home.

Keep Your Chromebook Up to Date

I’m saving the best — and most important — security tip for last. Keeping your Chromebook’s Chrome OS up to date is vital for your security, as well as for the stability of your Chromebook. Be sure to watch your notifications and act promptly to update Chrome OS as well as all the apps you’ve downloaded from the Chrome Web Store and the Google Play Store.

Although some of the updates fix software bugs, you can be sure that many of the fixes improve the security of your Chromebook and the apps you run. When these security bugs are fixed, criminals have a harder time breaking in and stealing your data.