The internet is becoming an increasingly dangerous neighborhood: digital marketers want to buy your private data, and hackers want to steal it. Here are four simple steps you can take to stay safe online.

1. Encrypt Your Passwords

These days, dealing with the ever-growing list of passwords required to log in to many websites has led many web browsers to save and automatically fill passwords for us. While convenient, this can be a goldmine for hackers who want to steal your login details.

Fortunately, there are some security steps you can take to protect data saved in your password chain. Firefox, for example, allows you to set an encrypted master password to add an extra level of protection to your password chain. Also consider password management software like LastPass or Dashlane that securely store (and auto-fill) your passwords and other sensitive data.

Never forget that if you’re not paying for a product on the internet, you are the product.

2. Keep Your Data Private

Never forget that if you’re not paying for a product on the internet, you are the product. That means social media platforms and other apps that provide their service for “free” will often sell your data to make a buck. This data can also be valuable to hackers engaging in phishing or identity theft. Audit all the online platforms and apps you’re using, and review the permissions you’ve granted. Also, read their terms and conditions and privacy policies to determine what data they are sharing with third parties. What you find might surprise you.

3. Use Two-Step Verification

Wherever possible, use two-step verification to stop potentially malicious parties from logging into your social media, banking and other online accounts. For example, once you’ve turned on the “login approval” function, Facebook will start sending you an SMS with a unique passcode every time someone tries to access your account from a new computer or device. Likewise, you can set up your Twitter account so it sends a six-digit verification code to your phone every time you attempt to log in.

4. Opt for Secure VPN Connections

Hackers can use unsecured wi-fi connections to access your device and cause all sorts of havoc. When you connect to a public wi-fi network, you often have no idea how the connection is protected, or if it is protected at all. Using a secure VPN (virtual private network) connection will help you close the chink in your security armor that exists between your device and the internet server you’re using. There are many VPN service providers available on the market (such as NordVPN and Surfshark), including some that offer their services for free. They’re invaluable for keeping prying eyes off your banking passwords, credit card numbers and other highly sensitive private data.

Sadly, you can never keep your data 100 percent safe, but most criminals work on the “least effort” principle. If you follow the four steps above, cracking your data will likely be more effort than it’s worth for most cybercriminals ⁠— and that’s often all it takes to keep them moving on in search of an easier target.