Five Privacy Tips You Shouldn't Ignore

Cybersecurity is no joke, but it doesn't have to be complicated to make a difference.

A woman and preteen look at a laptop together.

From minor inconveniences like annoying spam emails or texts to the serious threat of identity theft, the stakes for privacy have never been greater in the digital world. Photos, emails, financial data, health records, and other personally identifiable information live in online accounts, school administrative databases, on popular apps used by students, teachers, and parents and caregivers, and on our personal devices.

The truth is, cyberattacks are becoming more common and, unfortunately, many hackers gain access to our information from common mistakes we're all guilty of making. No shame here. And despite what you might think, hackers target individuals just as frequently as organizations like large healthcare institutions or K–12 schools.

At Common Sense Media. we are committed to helping kids and families learn more about practical steps to keep personal data safe. Whether you're a parent interested in protecting your family's personal and financial information, or if you're an educator who wants to keep students' data secure—and teach them how to do the same—here are five simple tips to keep your data safe on- and offline.

1. Don't ignore requests to update passwords.
You've heard this before, right? Time to follow through.

Reusing passwords on multiple sites or apps is one of the most common mistakes that people make online. If cybercriminals are able to easily guess a password used across several accounts, vulnerabilities can be left undiscovered for years. For example, kids' credit isn't monitored as often as adults', so identity theft can go unnoticed until it's too late, like when your loan application for a credit card, college, or house is denied.

There are two ways to keep your passwords secure. First, use a strong, unique password for every account (a combination of at least 12 upper and lowercase letters, numbers, and symbols). Second, try a password manager to create and store your complex passwords. You may have already used one that's built into some of your devices. The ones built into Google, Apple, and Microsoft (or even into internet browsers like Firefox) offer automated password management across your devices.

Learn more and find recommended password management tools at Cybersecurity Toolkit for Individuals from our friends at Global Cyber Alliance

2. Require online accounts to verify your identity.
This one is super easy. It's like having more than one lock on your front door.

Many online accounts offer something called multi-factor authentication (MFA). While it sounds complicated, all it means is that before logging in to a site or app, like your bank or your doctor's office, you have to confirm that you are who you say you are. That's a good thing!

MFA acts as an additional layer of security to prevent unauthorized users from accessing accounts, even if your password has been stolen. Enabling this feature, combined with a unique password, makes online accounts much harder for hackers to access. And the best part? It only takes a few seconds.

3. Enable automatic software updates for any device that accesses the internet.
Did your printer tell you that "a firmware update is available" and you ignored it? Don't!

No software is impenetrable, but once companies or organizations discover vulnerabilities, they push out updates to help keep users safe. Cybercriminals often look to exploit outdated software. Keep all your devices—including computers, smartphones, tablets, "smart" home devices, printers, and Wi-Fi equipment like your router—up to date with the latest security patches, software, and firmware updates. By enabling automatic updates (a feature usually found within the product's settings), these devices will stay equipped with the latest defenses.

As more connected gadgets (known as IoT devices) become available for use at home and in schools, weigh the risks and benefits. To identify trustworthy products, keep an eye out for wireless IoT products that bear a U.S. Cyber Trust Mark.

4. Routinely review privacy settings and app permissions.
OK, we know, this one sounds boring. But it is worth a few minutes of your time.

Social media platforms and apps often update their privacy policies. Sometimes they opt users into sharing more information than they'd like, or giving platforms too much access to your device. Pay attention to these updates and regularly review the kind of data that is collected and shared. By opting out of or limiting the collection of data such as cookies, installing ad blockers, and reviewing permissions that frequently grant access to our photos, microphone, camera, and location data, you can reduce the risk of personal data falling into the wrong hands.

Kids of all ages should also be reminded of their growing digital footprint as they navigate life online. Make it a household or classroom rule to keep personal accounts private and to "pause and think" when sharing personal info (such as full name, address, phone number, and birthday) or before saying something that could be perceived as harmful or untrue. It's easy for kids to forget that posts and messages online do not disappear.

Review our privacy ratings and reviews of popular products to help limit exposure of personal information.

5. Empower kids to understand the basics of cybersecurity.
This one is in the category of, "We're all in this together."

Research by Common Sense found that 42% of kids have a phone by age 10. By age 12, it's 71%. And by 14, it's 91%. But even younger children have frequent access to smartphones and tablets that can be riddled with vulnerable, outdated software and even malware.

Often, hackers gain access to schools via apps or emails opened by staff or students. Empower kids to use technology safely by knowing the signs of common attacks, such as phishing scams, ransomware, and social engineering attacks. Some ways to stay safe and secure include never opening unknown links or QR codes, quickly checking for website security (fun fact: the "s" in https:// stands for "secure"), and not downloading music, movies, or even video game content from untrusted sites.

Check out a recent webinar we hosted with CYBER.org on how parents and teachers can confidently teach cybersecurity best practices and build the next generation of strong digital citizens. And Common Sense regularly publishes resources to educate kids of all ages on the importance of privacy and security. For even more, check out our other partner sites at Girl Scouts, Cyber.org, and the UC Berkeley Center for Long-Term Cybersecurity.

Thanks to the generous support of Craig Newmark Philanthropies and our partners in the Cyber Civil Defense Coalition, we've accelerated our efforts to help you protect your data online. Visit our resource page to learn more, and let us know if you have your own tips for reducing online threats to you and your family.

Brenna Leasor

Brenna Leasor is the tech policy counsel for Common Sense, where she advocates for state and federal policies to close the digital divide, promote safe and responsible AI, and educate consumers on online safety practices to keep kids safe in our digital world. Prior to joining Common Sense, she supported the policy and government relations function for a global professional services firm.