One thing I have noticed whenever I use the Internet in a public place is that people are still logged onto web sites. The average individual may not realize that even after they close the browser window on the computer they were using, they are still logged onto that website. Websites should give you some heads up on whether or not you are logged onto that site. Here are a few notices you might see, and how you should respond before logging onto that website.
If you see “sign out”, anywhere on a website that means that someone is still logged into that site. I might be you, or, if you sat down at this computer for the first time, it could be someone else. If it is not you, then sign out of that website before signing yourself in.
Keep me signed in
(Uncheck if on a shared computer)
This means that even after you close the browser window, you will still be logged onto that site. A shared computer is one that other people in your household are using, a computer that is not actually your computer (such as a library or an airport, Kinko’s, etc.), or even an open network, such as a router you are logged into that is not secure. If you do not know if your own router is secure, Windows will tell you before you log into that router. If you never log into the router, the computer is logging you in automatically. Do a search on Network Connections, double click on the wireless network you are in and figure out which router you are logged into.
If you are on an open network, such as the one that I am on now at my public library, it might be a good idea to make sure that other people cannot peek into your hard drive. The first time you log into that network, Windows will ask you whether this is a public, home, or work network; if you choose public, Windows will automatically restrict the ability to be seen on that network. This means that people will not be able to pull files off of your hard drive when you are in a public place. You should get into the habit of doing this every time you connect to a different network, because Windows will not automatically assume that every unknown router it encounters, is a public network.
Finally, if you see “keep me signed in”, realize just how long you will be signed into that website if you do not remove that option. Some websites, like Yahoo! only keep you signed in for 2 weeks, others may keep you signed on indefinitely. That means that if you sign into a Yahoo! site and leave that option in place, even if you sign in on a different computer using a different router, chances are you are still signed into Yahoo! on the old computer. This is how people are able to be signed into a site from their cell phone, PC, laptop, Xbox, tablet or even an old iPod at the same time.
How do I know which computers I am signed onto?
The only way you will ever know is if that site offers the ability to check and see. Google offers this ability, but you have to be signed into Gmail to find it. Facebook also offers this ability. On Facebook go to Accounts > Security > Active sessions. If you see more than one active session you are signed onto more than one device or computer. End all of your active sessions and you will only be signed onto the device or computer you are actually using.
In Gmail go to all the way down to the bottom of the screen and look at “last account activity”. Click on details, then click on “sign out of all active sessions”. Do not be alarmed if you see more than a few different sessions.
One way of ensuring that you do not stay logged into sites is by using the private feature of your browser.
A lot of browsers provide the ability to go to a website without passing on cookies. A lot of individuals think that the only need for this feature is to avoid the programs that are left on your computer by pornographic websites, and that is one use. But the real magic is the ability for more than one person to be logged into the same website, from the same device.
Say your spouse or kids always log into websites, but never log out. You could log them out of those websites, but that would cause an argument. Use the private feature of your favorite browser; they can stay logged in, you do what you need to do and leave, and they are still logged in. I started doing this at home because my wife was always logged into Gmail, and I always wanted to log into YouTube, watch my subscriptions, then leave. I found it was easier to use the private browsing feature of Chrome to get into YouTube, do what I needed to do, and then leave.
If you do not know about this feature, find out about it. On Chrome you simply click on the wrench and go down to “new incognito window”. Once you close out of the incognito window, all of the sessions within that window are closed, and no cookies are left behind. IE and Firefox have similar features; the feature on those browsers is a lot slower, and more tedious, than it is on Chrome though. Those browsers also close entirely upon closing the private session, because the session replaces the traditional session entirely. However, once you open up the programs again, you go back to wherever you had left off on the traditional session. On Chrome, your incognito session runs on top of the regular session, so you can always see the regular session in the background.
Now this will not work if you are using a locked down computer where you cannot access these options. But it is a good idea to use them if you are using an open connection on your own computer somewhere else.
Connect With Facebook (or in some rare cases, Connect With Twitter)
In order to simplify registration with some websites, and option to use your Facebook or Twitter account is often presented as an alternative to filling out your name, address, phone number, e-mail address again! I have done this with websites in the past. When doing this you may want to make sure you actually check your Facebook and Twitter profiles to make sure that activity on those sites is not automatically going into your feed for those social networks. You could sign up for some freaky forum on a random site on the Internet through Facebook and Twitter, get into some risque conversation, and then find those comments on your Facebook and Twitter time lines. Facebook makes it easy for you to revoke the publishing rights of something you don’t want everyone to see (remember, “remove this post” removes the initial post, but you will still have the website posting on your behalf in the future, so always choose “revoke publishing rights”). In Twitter, you actually have to go into your settings and check the list of applications that have access to your profile (in general, if you see an application you did not remember, or are unsure of, simply block that application). Even if you use Twitter, and do not use your real name on Twitter, if Twitter itself has publishing rights to Facebook you are in the same boat. Go into those settings on Twitter and see what applications are publishing on your behalf.
Do not allow a web browser to save your password.
This is like leaving a set of keys in a parked car with the window rolled down in the summer. Did I mention the out of state license plates? Allowing your web browser to store your passwords is perfectly fine until you have someone work on your computer, or someone comes into your home and uses your router, or your kid decides to use your computer. It just is not good common sense. The problem in doing so, is that people can come in behind you and change that password, and then you have to verify your cell phone number, and all of this other token information to get the website to change that password changed back.
Another issue that comes up that I have noticed while talking to customers on the phone is that people often forget what that password is (because they only entered it once). So then when I changed the password for them, they were utterly confused when Windows informed them that the password they were entering did not match the password that Windows had stored. That message has a very literal meaning to it; that Windows is now faced with a password that you did not save previously, but people always find a way to make it mean something else than it really does. You are better off knowing what your passwords are, than leaving it up to Windows or Mac OS; what if you have problems with the hard drive and the operating system cannot log you in because it does not know where to find the password, and you do not know where to find it either. That is one 45 minute wait for a technical support agent to answer the phone for a 2 minute conversation that you do not have to endure.
Above all means, log out of your websites! Do not simply assume that you are logged out just because you closed the window. In some cases, such as YouTube, logging out may be trivial because you do not honestly care if someone else sees what you are doing. Then again if you actually subscribe to people or get messages on YouTube you might. If you use Google a lot and have a Gmail account and a Google + account, log out of Google!