facebook twitter instagram linkedin google youtube vimeo tumblr yelp rss email podcast blog search brokercheck brokercheck

Increasing security, privacy and convenience while online 

As the internet has evolved, more and more of your personal information goes online, and every website you visit carries a risk of your data being shared (with or without your permission) with bad actors.  We've become accustomed to having to register for different websites using our contact information and providing a password.  And this data, while we would hope it would be secured, is not invulnerable to privacy breaches and online hacks.  In fact, I would ask you to assume that any information you put online will eventually become public information.  So what can you do to protect yourself?

Security vs. Privacy

Although related, there are key differences between online security and safety, and protecting your privacy and information.  Most of the focus for this article will be around online security and best practices that you can take that are very simple once you set up the process.  Where pertinent, I'll touch on privacy issues as well though.

Don't be scared of the unfamiliar!

The last thing I want is for anyone to avoid being more secure because they're unfamiliar with the process and don't understand how it works, or they think it will be inconvenient.  So my goal now is to walk you through how it works so you can see how seamlessly and effortlessly it can fit in with your online access.

Why Proton?

There are many services on the internet that you can use, but I'm going to focus on Proton for a few reasons.  First, I have experience with it!  But the reason I chose Proton is that they put security and privacy first in all products they offer, and that every piece of data you provide them is end-to-end encrypted which means that nobody can access that data except you (not even Proton!)  As well, their code is all open-source and they're based in Switzerland who have very robust privacy laws.  (I have no affiliation or ties to Proton, financial or otherwise)

Another reason I suggest trying Proton services is that their belief in internet security is so paramount that they offer all their basic services at no cost.  Password managers, email, and several others can be utilized with no financial commitment on your part.  There are certainly opportunities to upgrade to more robust services if you choose, but the basic free options still provide great solutions for their niches.

As well, their solutions work across all the different platforms and browsers, so you're not locked into Google, Apple, Windows, Chrome or any other entity.  This keeps your data and privacy away from these corporations that make money off of your own information!  So, let's proceed:

Proton Mail - the foundation

To start with all the Proton services, you need one sign-up for the entire Proton account suite.  Since your Proton user id is based off a Proton email address, that's a great place to start.  You can get more information and sign up at  https://proton.me/mail  Even if you don't think you need or want the email account, do this as it's an easy way to get your Proton ID established.

On this site, you'll select your username and what tier mail service you want.  I use the free account and it works great, and you can always upgrade later so I suggest you start with free for now.  

Now that you have a Proton Mail account, I very highly recommend changing your email account to the Proton Mail for any provider that sends you sensitive information. For example, I've had all my banks, credit cards, credit agencies, etc changed to use my Proton Mail address.  This accomplishes a few things:

  • All information that they send me cannot be read by any third parties such as Google or other intermediaries. (Ok, quick technical note - email IN TRANSIT is always encrypted on the way from sender to you but that's not the concern here.  The concern is about once that email hits your inbox it now sits there unencrypted unless you use one of the few end-to-end encryption services like Proton Mail)  
  • If a phishing email (a bad actor claiming to be someone else with the purpose of gathering sensitive information) comes in to any email box of mine other than Proton, it's already a red flag and I will approach that email with caution.  For example, if I get an email purporting to be from my credit card company (who has my Proton Mail address) in my Gmail or work account, it's already suspicious and I'll treat it so, and I won't click on any links.

So, let's talk about links in emails, and how Proton provides a robust warning any time you click a link in a Proton email.  As an example, I have my Proton email as my contact information for Experian, so when I got an email from them to review something, this is what came up when I clicked on that link: 

As you can see, it's giving me confidence that the domain it's trying to send me to is, in fact, Experian.com, and not some site I'd rather not visit.  Now, having some defenses like Bitdefender or a good malware-safe DNS help protect me even more, but this is a great idea that Proton uses that I'd love to see other services provide (maybe some do?)

Ok, so maybe you're not excited about setting up yet another email account to have to check.  Not to worry!  If you have an email in your Proton in-box that has been unopened for a day, you can set up the option to get a notification email at your primary email account!  So no need to check it regularly if you don't care to as you'll get notified when there's something to review!


Proton Pass - the password management solution

Now that you have your Proton ID via the Proton Mail setup, you can start to set up your Proton Pass (password manager).   Before we do that, though, let me walk you through how it works and how seamless it is once it's set up (which is also very easy).

For these illustrations, I'm assuming you've never used any password management through an alternative service or browser, but if you already have another solution, you can import your existing logins into Proton Pass, but for now, let's assume your password manager is a scribbled-on napkin.  

NOTE: before we get into how to get set up, let me just show you how it works once you set it up:

While you're enrolling in Proton Pass, if you're using a browser (e.g. Chrome, Edge, Brave, Opera...) on a PC or Mac, you'll be prompted to install an extension on your browser.  It will live up in the corner with any other extensions you may have, and while the extension is installed, it will take care of the login process.  

If you prefer an Apple, Android or other device, no problem there either.  Each platform has a Proton Pass app you can use to manage your passwords and password access.  But for the purposes of this walkthrough this is all shown on a Windows Chrome browser although the process will be very similar on other platforms.

Setting up a new login

Here's the New Haven Register's site where we'll can create an account as an example.  In the email address you would enter your own (I entered the "myaddress@email.com" but you would use your own or the default Proton Mail option if you choose) and when you tab down to the password line, it automatically suggests a unique gobbledygook password for the login which you can simply click on to accept it.  If you already have an account and password, then just type it in here instead of selecting the generated one.

Once you've either entered your existing password or selecting a generated one for a new login, you will then be asked by Proton if you want to save the login credentials (note that the realm.hearstnp.com URL is the website for registering with the New Haven Register) and, of course, you'll click ADD.

Assuming you click "add," that login information is now stored in Proton Pass!  Done!

But what if you have to update your password at some point?  Again, easy!  If you change a password at any point and Proton Pass sees that you've entered a password different than what it has stored, it will ask you if you want to either update your existing password or create a new login (for example, if you share computers with someone and you each have your own login)

Logging in with stored credentials

Next time you go to log in, you'll now be greeted with a different dropdown, as your information is already known to Proton: 

Simply click on that login option and your information will be used to log you in.  Can't be easier.

In the case that you have multiple logins for the same site, that's easy as well.  For example, on this site I have three IDs stored (note the "3" in the diamond), and, by using the dropdown, I can select the one I want for this login:

I'd say that the prefill works great most of the time, but sadly not every time.  That's still not a problem, just an extra step.

If you end up on a page that doesn't automatically let you fill in your credentials, you can click on that purple diamond on the top right of your browser and it will pull up a list of all the logins and other stored information that relates to the site you're on.  you can simply click on either the username or password and it will say "copied to clipboard" then you can go back to the login screen and paste it in.  For example, if for some reason my password for my tax planning software wasn't filling in, I could open up Proton Pass by clicking on that purple diamond, type in the site name in the search bar, and then click on the password and it would copy it to the clipboard where I can then paste it in to the webpage.  


Notice on this little popup that there's some other interesting (to me at least!) information, like the date the login was created, the last time the autofill was used, and you can even create different vaults if you want to organize your passwords, but that's totally optional.

I'm on a PC 95% of the time I'd ever log in to anything, but I do have the Proton Pass app set up on my Android Pixel and Chromebook as well.  And, if I wanted to log in to, say, the USPS site on my phone, then when I go to that website I get a box just above my phone's keyboard that I can then click on the login I want and it will prefill on the page I'm visiting: 

Although this example uses a webpage, apps work in a very similar way.

Now, by no means is Proton the only very good password manager available.  I encourage you to find the one that fits your situation best.  I like Proton's mission and I've been happy with their products, so I am happy to recommend it.  But whatever you decide to do, I really do hope you use a good, reputable password manager. 

If you want to get started with Proton Pass, they have a robust free option, or you can upgrade to other plans.  I personally use the Pass Family which helps me manage everything for my brood, but I think for many reading this, you may want to consider the Pass Plus option.  Now, I'm somewhat reluctant to try and push an upsell but I think there are some excellent features that the Plus level offers that offer an easy, robust extra level of security and privacy.  To highlight two:

Unlimited aliases

You know how you when you sign up for a newsletter or even give a company your email address and now it seems you're getting email from all sorts of random places?  Aliases help fix that problem.  Let me show you how I recently used this feature in real life.  I recently compared insurance quotes online but really didn't want the follow-up.  So, I created an email alias.  Now, The Hartford doesn't have my "actual" email address, they have an address I used specifically for this one-use case.  

Now, when I'm done communicating with this company, I can trash the alias and will never have to hear from them again!  As well, if their data gets hacked, my "real" address isn't out in the interwebs.  And databrokers can't connect the dots between data sources when contact information doesn't match, so having that unique email address keeps this request out of those digital profiles that databrokers build.

Secure vault sharing

I have found some great use-case scenarios for this, and - especially for my senior clients - I love how this can protect my clients' finances without divulging too much privacy.  Hear me out.

Too many times in my family I've seen cases where aging has affected the ability for this person or couple to manage their financial affairs. I've had to step in and pay bills for my father after he suffered cognitive decline, as an example. And the use-case I can see this adding a huge amount of relief for the family would be this:

Let's say I have a single retiree Humphrey that lives alone and is healthy and cognitively in good shape.  Humphrey has set up his password manager and wants to give access to his son to access his financial accounts, but wants to retain some privacy and doesn't want to give out all the data in that password manager.  Well, Humphrey can create a vault within Proton Pass and assign his financial logins to that.  His bank, credit card, electric company, those kinds of items.  Now, Humphrey can share just that vault with his son, and do so securely, and if Humphrey changes a password, his vault stores that automatically so his son has it instantly as well.  

But free is great too!

If you're just looking for a secure, robust way to use a great password manager simply visit https://proton.me/pass and integrate it in to your routine.  Once you get started, it will become very familiar very quickly.

If, however, you do decide to upgrade to Plus, Family or any paid subscription, you can use the following link.  I admit, I'm slightly reticent to share it but as it does offer value to anyone using it I'll put this referral link out there.  It provides a 14-day trial and if you subscribe they credit you $20 on your account. That being said, I also get a $20 credit but that's not why I'm putting this out there.  So, to offset that, any time I get a $20 credit I'll make a $30 charitable donation.  This isn't about benefitting me, it's about providing you the best security and value.  The referral link is at https://springboardasset.link/ProtonPass

Ask away!

If you made it to the end, congratulations!  It is very important to me that everyone stay safe online, so please feel free to ask any questions of me that you have.  I won't pretend to be tech support, but maybe you and I can both learn something that will help us all stay more secure in this world of technology.