Wirecutter
Skip To Content
Wirecutter
  1. Software and apps
  2. Computers

Simple Online Security: Secure Your Sensitive Data

Published
An illustration of a jigsaw puzzle in which one of the pieces says “secure your sensitive data".
Illustration: Dana Davis
Thorin Klosowski

By Thorin Klosowski

This is just one step in a series created to help anyone improve their online security regardless of their technical knowledge. For more information, see our complete Simple Online Security series.

Financial data is some of the most important and sensitive information you store online. Although banks have insurance protections when something goes wrong, correcting mistakes can often take weeks, and in that time you may not have access to your money. There’s no perfect method to securing everything, but you can take a few steps to make things safer.

  • Add two-factor authentication to all financial accounts: We’ve talked previously about enabling two-factor authentication for your most important accounts, and your banking accounts rank high among them. You should enable two-factor authentication through your bank, any mobile payment apps you use (such as PayPal or Venmo), or any investment accounts, including 401(k) plans.
  • Freeze your credit or enable fraud alerts: The simplest way to prevent thieves from opening accounts in your name is to freeze your credit reports. Doing so creates a roadblock of identity verification before a new account can be opened in your name. Having a freeze in place can be a pain if you’re in the middle of making big purchases or if you need access to credit, in which case you should consider enabling fraud alerts instead.
  • Use virtual credit cards when possible: Credit card theft tends to happen when a credit card number gets leaked or stolen (such as via a credit card skimmer at a gas station). To combat this problem when you’re paying for things online, consider virtual credit cards offered by your bank or a third-party service like Privacy, both of which create one-time-use card numbers that aren’t useful to scammers. If you have a smartphone that supports built-in services like Google Pay or Apple Pay, you can use them when retailers indicate acceptance of those payment methods online.

If you use a fitness tracker, be sure to secure any data it collects. To confirm that you’re not accidentally broadcasting personal information to the whole internet, including your address or any physical measurements, check over any privacy settings in your apps and online accounts.

  • Enable two-factor authentication for any service that supports it: Two-factor authentication for health apps isn’t as commonly available as we’d like to see, but most major services (Apple, Fitbit, Garmin, Google) offer some support in that regard. If a service doesn’t offer two-factor authentication, see if it at least supports logging in with another account that does, such as Apple or Google.
  • Tweak privacy and sharing settings: Many fitness apps have a social component that allows you to compare exercise activities and fitness goals. But if you set that up improperly, you may reveal information about yourself that you don’t want to; you’ll need to tweak the privacy settings to avoid that. This goes for both the fitness-app platform itself and any third parties you’ve connected it to. Here are some privacy options to consider on the most popular apps:
    • Apple Health: Tap your avatar, and then tap Privacy > Apps. Here, you can disconnect apps, disable permissions, change research-study enrollment, or delete data. If you have an Apple Watch, you should also check the Watch app and then tap My Watch to see who you are sharing data with. You can read more details on Apple’s support site.
    • Fitbit: Tap your avatar and then tap Privacy & Security > Privacy. On this screen you can change what data is private, public, or limited to friends only. Under Privacy & Security > Manage Data > Manage Third-Party Apps, you can review which third-party apps can access your Fitbit data. Read more details on Fitbit’s support site.
    • Google Fit: Tap Profile and then the gear icon. Here, you can manage which apps can access fitness data and change location-tracking settings. Read more details on Google’s support site.
    • Garmin Connect: Tap More > Settings > Profile & Privacy to change who can access your Garmin profile, see activities, and control what health details show up on your profile. In the Data section you can also opt out of certain features such as Garmin Coach and Insights, the latter of which compares your data against that of other athletes. Read more details on Garmin’s support site.
    • Peloton: Tap More > Preferences and scroll down to the privacy section. You can make your profile private, hide your age and gender, and hide your outdoor running route. Read more details on Peloton’s support site.
    • Runkeeper: Tap Me and then the gear icon in the top-right corner to get to the Settings page. Scroll down to Privacy to change who can see your activities. You can also revoke third-party apps from the Apps, Services, and Devices page. Read more details on Runkeeper’s support site.
    • Strava: Tap your avatar and then the gear icon in the top-right corner. Scroll down to Privacy Controls to change who can see your profile, activities, and more. You can also set up a Privacy Zone around your home to make it difficult for followers to figure out your home address. Read more details on Strava’s support site.

This article was edited by Arthur Gies and Mark Smirniotis.

Meet your guide

Thorin Klosowski

Thorin Klosowski is the former editor of privacy and security topics at Wirecutter. He has been writing about technology for over a decade, with an emphasis on learning by doing—which is to say, breaking things as often as possible to see how they work. For better or worse, he applies that same DIY approach to his reporting.

Mentioned above

Further reading

Edit