Beginner’s Guide to Online Security: Learn the Basics and Stay Safe

Published by Foundation for Media Alternatives (FMA) on

Beginner’s Guide to Online Security: Learn the Basics and Stay Safe

In today’s digital world, our lives are more connected than ever. We shop, bank, study, and socialize online – but this convenience comes with risks. Cybercriminals are constantly finding new ways to trick people, steal information, or break into accounts.

The good news? You don’t need to be a tech expert to protect yourself. Learning a few simple security terms and best practices can dramatically reduce your chances of becoming a victim. In this post, we’ll explain three important concepts – daisy chains, evil maid attacks, and nonces – and show you how to stay safe in everyday life.

1. Daisy Chains: The Danger of Reusing Passwords

One of the most common mistakes people make is reusing the same password for multiple accounts. This practice is called daisy chaining.

Why it’s risky:
If a hacker steals your password from one site, they can use it to log into your other accounts. Imagine this:

  • A hacker gets your Netflix password.
  • You’ve used the same password for your email and online banking.
  • Now the hacker can access your finances, personal messages, and more — all from that one leak.

Real-world example:
In 2019, millions of stolen passwords were leaked online in a giant database called “Collection #1.” Many victims had reused the same password across multiple sites, giving attackers easy access to their digital lives.

Tips to protect yourself:

  • Use unique passwords for every account.
  • Rely on a password manager (Bitwarden, 1Password, or LastPass) to generate and remember them for you.
  • Enable two-factor authentication (2FA) to add another layer of security.

2. Evil Maid Attacks: When Someone Gets Hands-On

Not all cyberattacks happen over the internet. Sometimes, someone with physical access to your computer or device can tamper with it. This type of attack is called an evil maid attack (the idea being that even a hotel maid could slip into your room and compromise your laptop).

How it works:

  • An attacker installs spyware or hardware that records your keystrokes.
  • They might copy your hard drive or install a hidden backdoor for later access.
  • You won’t notice anything is wrong until it’s too late.

Example scenario:
You leave your laptop unattended at a coffee shop. Someone sneaks in, plugs in a malicious USB drive, and installs malware in under two minutes. Later, they use it to steal your passwords.

Tips to protect yourself:

  • Always lock your device with a strong password or PIN.
  • Use disk encryption (BitLocker on Windows, FileVault on Mac, or LUKS on Linux).
  • Don’t leave your devices unattended in public spaces.
  • Consider using a security cable lock for laptops in hotels or shared spaces.

3. Nonces: One-Time Codes for Safer Logins

nonce stands for “number used once.” It’s a unique value or password that works only for a single session. Nonces are a cornerstone of secure authentication systems.Why they matter:
Nonces prevent attackers from reusing your login credentials. Even if someone intercepts a code, it can’t be used again.

Everyday example:
When you log into your bank, you might receive a six-digit code on your phone. That code is valid only once and only for a short period. This ensures that even if a hacker sees it, they can’t use it later.

Tips to protect yourself:

  • Always enable two-factor authentication (2FA) on important accounts.
  • Use an authenticator app (Google Authenticator, Authy, or Microsoft Authenticator) instead of relying only on SMS codes.
  • If possible, use hardware security keys (like YubiKey) for the highest level of protection.

Bringing It All Together

These three terms – daisy chains, evil maid attacks, and nonces – may sound technical, but they represent real-world risks that affect everyday people.

  • Daisy chains remind us: Never reuse passwords.
  • Evil maid attacks warn us: Physical security is just as important as digital security.
  • Nonces show us: One-time codes are one of the most powerful tools to keep accounts safe.

Conclusion

Online security may feel overwhelming at first, but it does not have to be. By learning just a few key terms and applying some basic habits, you can make yourself a much harder target for hackers. Cybersecurity is not about being 100% unhackable. It is about making your accounts and devices secure enough that attackers move on to easier prey.

Stay smart, stay safe, and remember: a little knowledge goes a long way.

Categories: News Blog
Tags:

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

News Blog

Gendered Digital Surveillance

Gendered Digital Surveillance One of the sessions held at the DRAPAC 2025 held in Kuala Lumpur in August was on gendered digital surveillance that was organized by Ellen Kusuma from Indonesia. It aimed to discuss Read more

News Blog

Three Years at DRAPAC: Reflections on a Growing Movement

Last August, I attended my third Digital Rights Asia-Pacific Conference (DRAPAC) in Kuala Lumpur, Malaysia. Having participated in DRAPAC since 2023, I’ve grown familiar with its format and have come to expect seeing many of Read more

News Blog

On Konektadong Pinoy Act, disinformation and online gender-based violence: the FMA Digital Rights Round-up (August 1-31, 2025)

‘KONEKTADONG PINOY’ BILL LAPSES INTO LAW The measure allowing new internet service providers to operate in the country without a legislative franchise or Certificate of Public Convenience and Necessity (CPCN) lapsed into law on Sunday. Read more