While there's plenty of uncertainty in the air in the early days of 2018, here's one thing that's a sure bet: Keeping your personal data private and secure will be even more of a challenge.

In 2017 we learned that hundreds of millions of consumers had been affected by big data breaches at Yahoo, Equifax, and Uber. Hackers and malware harmed individuals, too, through ransomware and other attacks.

And those are just the criminals.


We’ve been on your side since 1936. And that’s where we’ll stay. Learn more.

More on Digital privacy

At the same time, marketers continued to get better at intruding on your digital privacy in 2017, finding ways to collect and monetize the personal data that you generate every day as you navigate the web, use your phone, and even watch TV. And the monetary incentives to target your personal data—whether legally or illegally—won't be any different in the months to come.

However, there are quick and easy changes you can make yourself, right now, to protect your digital privacy. And as more consumers take these steps, the more it tells companies that privacy matters.

Here are five simple strategies to boost your digital privacy and security in 2018.

Update Your Devices

One of the easiest and most effective ways to protect the security of your computers and mobile devices is to keep the software up to date, says Maria Rerecich, director of electronics testing at Consumer Reports.

Updates help manufacturers patch security vulnerabilities quickly. Just this month, for example, Apple, Microsoft, and others said they'd released fixes for the Meltdown and Spectre security flaws that affected millions of laptops and other devices. 

After installing an update, it's a good idea to double-check your digital privacy settings to make sure nothing has changed in the process. To do that, look in the Settings or System Preferences menu on most digital devices. 

While phone and computer manufacturers are usually vigilant about informing you of updates and even offering you the chance to automatically update your devices—a smart option—that's not always the case with devices such as routers, security cameras, and baby monitors. So take a moment every few months to check for software and firmware updates for those items. (For instructions on how to launch updates, search online or check the user's manual for the device.)

Use Two-Factor Authentication

What if you could find a way to make your password all but useless to a hacker? That's what two-factor authentication does. Instead of relying solely on a password, user accounts secured by two-factor authentication require an additional level of proof of ID before granting access.

This may involve the use of a physical device (like your phone, a card, or a fob) or some biometric marker (like a fingerprint, a voice print, or facial recognition).

How Two-Factor Authentication Typically Works
When you log in to an account on a new laptop or smartphone, you'll be asked for your password, but once you enter it, you won't have access to your account. Instead, the website will ask for a one-time code sent by text to your phone. The second "factor" is your phone; without it and the password, you'll be denied access.

Nearly every major online service offers some form of two-factor-authentication as an option. (Netflix is a notable exception.) To find out how to enable it, just search for “two-factor authentication” online (or “2FA,” for short) with the company name, such as Amazon, Apple, Gmail, or the name of your bank.

Freeze Your Credit

There's not much you can do to stop the next data breach, but you can minimize the financial risk with a credit freeze, says Justin Brookman, privacy director for Consumers Union, the policy and mobilization division of Consumer Reports.

That prevents most lenders from looking at your credit history, which keeps them from issuing a credit card or approving a loan to an unauthorized party.

The one problem is that a freeze also locks out vendors you are doing business with. That might include obvious ones—like a mortgage lender or a carmaker's finance company—and not-so-obvious ones—such as a cell-phone company or even a potential employer.

You need to initiate a freeze with each of the four major credit services: Experian, Equifax, TransUnion, and the lesser-known Innovis. And when you do file an application that requires a credit check, you’ll have to contact them individually to lift the freeze.

There's a small charge, $2 to $12, to place a credit freeze, but Equifax is offering the service free until Jan. 31. (Identity-theft victims can sometimes get it free elsewhere, too.) And consumer advocates, including Consumers Union, are fighting for legislation that would make it easier—and cheaper—to freeze your credit with all of these companies.

Install a Password Manager

A password manager is essentially a virtual vault that creates and then stores complicated, hard-to-hack passwords for all your online accounts, letting you access them with one simple-to-remember password.

Dashlane, 1Password, KeePass, and LastPass are among the most popular password managers, and they're either free or inexpensive ($2 to $5 a month).

Using a password manager certainly beats using "Password2018" for everything and hoping for the best. But what if you've got a slew of accounts, each with its own less-than-secure password? While password managers are superb at helping you generate an effective new password and remember it, they can't automatically replace all your existing passwords.

To lock down all your accounts, you have to log in to each one individually, opt to change your password, and then let your password manager do the rest.

If that sounds like a colossal headache, try triage. Focus on your most important accounts—your e-mail, bank, and healthcare accounts—and change the rest whenever you log in to them. Before winter’s over, all your accounts should be secured with new, stronger passwords locked away in your password manager.

Make Privacy a Priority

There's a lot to be said for choosing strong privacy protections whenever you sign up with a fresh online service or set up a new device.

Some of these settings can protect you from hackers. But they can also slow the erosion of your digital privacy that happens when tech companies collect and share information. 

After all, retailers and social media companies rely on consumers to volunteer information. But just because they ask doesn't mean you have to answer.

As one example, look in your smartphone settings at what permissions each mobile app is asking for. Does it want access to the phone's microphone? Location data? Your contacts? If you're not sure why an app needs that information to function, turn off the permission. If that keeps the app from working the way you want, you can always switch it back on later.

Using strong digital privacy settings will help preserve your privacy while encouraging good behavior, says Jessica Rich, vice president of consumer policy and mobilization at Consumers Union. To do this, "opt out of data collection and choose companies that compete on privacy," she says. 

Rich also suggests letting others know that the issue is important to you.

For instance, tell customer-service reps, and mention the issue in online surveys. Companies take customer feedback seriously, and if they get enough complaints about tracking, data breaches, and other privacy problems, they just might change the way they do business.