It used to be that when you traveled, you only had to worry about having your physical items stolen. Now, as the world becomes increasingly connected, we also have to worry about cyber-pickpockets.
When you’re getting ready for a trip, the last thing on your mind is whether or not someone at the airport can hack your phone or computer. You might think, “Ah, who cares? I have nothing worth stealing,” but sadly that’s just not true. Look closely at any of your tech devices, and you’ll see a trail of digital breadcrumbs that lead to identity theft.
Save yourself the headache of losing account access, personal information, and time, by setting up a few safety measures before you leave. These are the basic security tactics you can use to keep your data safe while traveling.
Let’s say that while you’re on the road, a good friend from back home asks you for your Netflix login. You’re happy to give it to them, and quickly send a message with the details. But, wait!
What other accounts do you have associated with that same email and password? How secure was the message you just sent? If it wasn’t encrypted (SMS and many messaging apps aren’t), your account information is now easily visible to others.
The best option you have for sending private messages while traveling is a messaging app that uses end-to-end encryption. These ensure a message is secure and unreadable by others, from the time it’s sent to when it’s received by the intended recipient.
So, for the love of security, don’t send sensitive information via text! Try these options instead:
If you look at the messaging apps on your phone, you likely have WhatsApp and Facebook Messenger installed already. WhatsApp is an okay option — it uses end-to-end encryption software, but there are questions about whether app owner Facebook collects the metadata from your messages. The company’s Messenger service collects even more information about you, so if you’re sending anything sensitive, you’ll want to use something else. That’s where Signal comes in.
Look at any article on messaging security and you’ll find some mention of Signal, an end-to-end encrypted messaging app that doesn’t collect any personal data except your phone number and the days you log in. Signal’s code is also open-source, meaning it can be publicly examined for possible security vulnerabilities.
Now, Signal isn’t perfect, but if your other options are being watched by Facebook or keeping your texts unencrypted, Signal is hands-down a better choice for security.
Use an Old Phone Just for Travel
Scroll through your phone and you’ll find loads of unprotected personal information. Don’t want hackers to access those texts you sent your family five months ago or photos from your last few trips?
If you’ve got an old smartphone, install the latest operating system and security updates, then wipe it, install just the apps you need while on the road, and use it purely for travel. Leave your main phone behind for when you get back.
Storing Passwords, Security Codes, and More
Often when you download a new app, it requests access to the contacts on your phone so it can “find your friends” who also use it. This doesn’t seem like that big of a deal, until you stop to think about it.
What’s actually in your address book? Are there email addresses, passwords, or perhaps even social security numbers and other private information hidden away in there? Once you give consent for the app to access your contacts, it can immediately gather and store all the data from your address book onto its servers. Yes, all the data. Yikes.
The address book on your phone isn’t a vault, so don’t keep valuable information in it. Instead, try using some of these options:
Use Password Managers
A password manager helps you store and encrypt passwords for your online accounts. Not all of them are foolproof, but security experts agree that password managers are a reliable step forward in password protection. Depending on the type of information you want to store, Dashlane, Bitwarden, and 1Password are all worth looking into.
Before using any such service, be sure to do a little research to see if it has had any recent security breaches. Safety first!
Maintain a Password-Protected File
If for some reason you have to keep your passwords or credit card information on one of your devices, at least use a hidden, encrypted, password-protected file.
Lock & Hide Folder lets you do this on Windows. Our favorite encryption tool, Veracrypt, also lets you create a secure vault on Windows, Mac, or Linux that looks like any other normal file.
Accessing Email Accounts
Every time I travel, this happens: I’ll try to log into my email account, only to be prompted to verify my identity a second time through text. Great, now hackers can’t get into my account, but half the time, neither can I.
This type of approach, known as Two-Factor Authentication (2FA), is good for security. It can get tricky when you’re traveling, though, and sometimes even block you from accessing your own accounts.
The most common problem? Generally, you’ll receive a text message with a code that allows you to login or authorise bank transactions. Even if you’ve got roaming enabled, though, SMS delivery is a lot less reliable when you’re overseas. Sometimes, it just won’t work at all in the country you’re in.
Don’t get stuck trying to get into your own accounts abroad. Instead, use these options for enabling two-factor authentication and keeping your accounts safe:
Reset Your Accounts Before You Leave
Before you leave your home country, take a minute to log out of and back into all of your accounts, on any device you’ll take on your trip. Gmail and other service providers verify your device with 2FA once every 30 days, so logging in again resets this counter.
Use Google Authenticator
Download Google Authenticator or Authy. These apps generate a code for you to use when logging into your Google, Amazon, Facebook, Dropbox, and several other accounts. Simply set it up before you travel, and you’ll be able to access 2FA codes even when your phone has no cellular service.
Set up a Travel Email
How long have you had your primary email address for? Just picture all the information that’s been littering your inbox for years: old essays, online receipts, awkward prom photos from your blunder years. Do you really need to bring all that information with you while you travel? No, you don’t.
Instead, set up an email you can use purely for when you travel. You can use this account for logging into Wi-Fi networks, or signing up for deals while abroad. This will also prevent individuals, email marketers, or phishers from tracking your activity. Be sure to use a completely different password from your main email account, though.
Connecting to Wi-Fi Networks
Working while traveling comes with a number of challenges, not least being the constant search for reliable Wi-Fi networks. You’ll find airports, cafes, and public spaces riddled with “public Wi-Fi”, but how do you know whether these networks are legitimate or created by someone looking to steal your information?
If you need to access sensitive information for work or personal use, accessing public Wi-Fi networks (and even those protected by passwords) is a huge security risk.
Consider this, accessing a website (like your bank’s homepage) on public Wi-Fi can leave you open to a man-in-the-middle attack. This type of hacking attempt can redirect a website visitor to a fake site that looks just like the one they’re expecting. Suddenly, the hacker has the login details for your bank account, and you get to spend the rest of your trip (and likely, much longer) dealing with the consequences.
So, what can you do to secure your devices? Try these safety measures:
Above All, Use a VPN
If you read this site regularly, you’ve probably heard about Virtual Private Networks (VPNs). In case you haven’t, VPNs secure and encrypt your internet connection, so hackers can’t see your information or online activity. VPNs are a necessity for keeping your information safe while traveling. To free you from the headache of picking one, I’d start by checking out Tunnelbear and VyprVPN.
Secure Your Web Browsing
Accessing websites that aren’t secure is risky. How can you tell which is which? Take a look at your browser’s address bar to see if the web address begins with HTTP or HTTPs. A secure website address starts with HTTPS, and has a small padlock icon alongside. This means it’s using an SSL certificate to encrypt and protect your data as it passes from your browser to the webserver.
Instead of manually adding HTTPS before every website, you can do it automatically by downloading a browser plugin like HTTPS Everywhere. Doing this adds a useful layer of protection, but it’s not foolproof — while secure SSL connections are becoming more common, they’re not guaranteed on every site.
It’ll take less time to set up many of these safety measures than it took to read this article. Follow these tips, backup your data regularly, clean up your devices when you return from your trip, and relax in the knowledge your personal information is now a whole lot safer.
Have other tips for keeping personal information secure when traveling? Share your insights in the comments!
Images via Unsplash
Do you know any secure chat apps that don’t require a phone number? That’s kinda a pain when traveling I change my number ever month.
I use Telegram, which is often used by activists and journalists, and like WhatsApp and others, it only uses the phone number for activation, not ongoing use. My phone number changes all the time as I move countries, but Telegram keeps working.
It’s only a problem if I change phones or need to reinstall the app for some reason. I actually associate a virtual Google Voice number with my chat apps anyway, to get around that activation issue.
Hey Dave. Would you explain virtual Google voice number?
Also, anyone have updates and ad ice about Krack hack.
It’s something I should write a dedicated article about at some point — added to the list! In short, it’s a free virtual phone number service offered by Google. It’s North American only — you get a US number, but need to be in the US to do the initial sign up (or use a VPN that makes it seem that way), plus have access to an existing US phone number to get the setup code.
Once it’s set up, though, it works anywhere in the world that you’ve got a data connection, via the Google Hangouts app on your phone or tablet. Calls and texts to and from North American numbers are free, and prices to/from elsewhere in the world are typically pretty cheap.
It’s the one number I have that works anywhere in the world, even when I change SIM cards. I use it primarily to get verification codes from (eg) chat and other apps as mentioned, to call US numbers for free when I’m elsewhere in the world, and to provide a US number for someone to call me on as needed.
It’s at https://voice.google.com/ if you want to check it out.
You explained Voice better than I’ve ever seen… and in only 3 paragraphs. Thank you.
I would love to see such a dedicated article as Voice seems to be the best alternative for having a single continuous phone number that follows you around the world. Appears the remedy for receiving text confirmations from financial institutions or calls from your US doctor, lawyer or other professional.
Am I correct in assuming this? No one ever addresses this issue and I would greatly appreciate anything you may ever provide as TMA is my flagship travel tech site.
Thank you for the excellent content!
Thanks Jack! Yes, it’s likely the remedy for calls and text confirmations from your US bank, doctor etc. Occasionally you find an app or company that doesn’t want to work with virtual numbers, but it’s rare — I’ve only come across it once, maybe twice, in the last several years.
Look out for that Voice article in early 2018. 🙂Here’s the article!
Fantastic informative article! Thank you
Great, very informative article! I didn’t realize that prudence required to take so many prep steps! Well, not that many really. I’ve bookmarked this page as a pre-travel checklist.
Do you recommend using a VPN all the time, even when at home base? Does it noticeably slow down internet speed? Thanks!
Since even the best VPNs will slow down most Internet connections, I only use one on networks I don’t fully trust. Basically, I’ll use it almost all the time while traveling, but rarely when I’m on a home or other more-trustable network.
I plan to purchase a local SIM card in New Zealand, which I believe means I will have a different phone number while there. When using two-factor authentication, can I change phone numbers and then revert back to my usual phone number when I return home?
As long as your bank etc isn’t weird about using international numbers (many are, sadly), then yes, you should be able to change it to your new number and back again.