#1. Whenever possible, configure your Internet connection to always use HTTPS. This is the “https” that appears before the “www” in a Web address, and the https is preceded by a padlock icon. For Gmail, this works by clicking Settings in the top right; select the General tab, then hit Always use HTTPS, then save this setting. This option is not available for those who access email via Hotmail. #2. Do not open unfamiliar emails. If you open one you think is from someone you know but realize it’s not, delete immediately. Do not click any links in the message or send the sender personal or banking information. Once you open that link, your computer could become infected by a phishing scam and your information stolen. #3. Install anti-virus, anti-spyware and firewall on your computer and keep them updated. Automated updates are the ideal choice. #4. Do not log into your accounts from an untrusted computer (e.g., at the coffee house, library), or one that you don’t maintain (e.g., friends’ and family’s). Even if you trust your friends and family, their computer could be infected from spyware. #5. Make sure your passwords, plus security questions and answers are strong. Every six months, change your passwords. Never use the same password for different accounts. A strong password has upper and lower case letters plus numbers and punctuation, forming a non-English word. For questions and answers, they don’t have to be true; false information cannot be researched or discovered on your Facebook page, such as the name of “your first pet” when you never had a pet: “Fuzzie-Glow” – who’s ever going to figure that out? #6. Find out just how secure your passwords are. Some setups indicate strength with a rating of “weak” to “strong.” Always choose “strong.” If there’s no rating, go to How Secure Is My Password to see how fast your account can be hacked. On the “How Secure” site, don’t type in your actual password if you’re skittish about doing that (even though the site is secure and will never release it anywhere), but type in something similar. So if your password is “catlover,” type in “horselover” and see what happens. #7. Your password should not be on the list of the most popular passwords. Here is the full list . If yours is there, change it immediately, even if you must give up an easy-to-type sequence. #8. Enable 2-step verification if you use Google for any activity. The 2-step adds additional security to a Google account. After entering your username and password, you’ll then enter in a code that Google sends out via voicemail or text when you sign in. This will make it harder for someone to guess a password. #9. Use a password manager. This service eliminates the need to type in a password at log-in; log in with one click. A master password eliminates having to remember all your different passwords. #10. You may think your password is unique because it’s a jumble of characters, but it may not be very strong simply because it’s not long enough. The longer that uniqueness, the more uncrackable the password will be. #11. Use a virtual private network software to encrypt any wireless communications. A virtual private network (VPN) is a network set up to communicate privately over a public network. For example: You occasionally want to or need to work from home and your employer knows that if you do, the data that travels between your PC and an office PC needs to be protected. Another example is when you use public WiFi, knowing your wireless data can be sniffed out by criminals . Using a VPN solves that problem. Hotspot Shield VPN service is a great option that protects your entire web surfing session, securing your connection on both your home internet network and public internet networks (both wired and wireless). Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America . Disclosures .