4 myths -- and facts -- about online security

My hack stole your credit card
My hack stole your credit card

Use strong passwords and don't go to sketchy websites, and you'll protect yourself online, right?

Well... That's a good start. But it's not quite that simple.

A new report from Pew Research details some of American's biggest misconceptions about cybersecurity.

Myth 1. Emails are always secure

Fewer than half -- 46% -- of people said they know email is not always encrypted. Encryption ensures only the sender and recipient are able to access the emails.

Although many email providers, such as Google and Yahoo, encrypt emails, it's not universal. Some companies alert users if communications are unencrypted -- for instance Gmail displays warning icons when you send or receive an email from an insecure source.

If you're concerned, switch to Gmail, Yahoo Mail, or another provider that encrypts by default.

Myth 2. "Private browsing" is always private

Surfing the web in private (or incognito) mode prevents the browser -- like Chrome, Firefox, or Safari -- from collecting data about your activities. But it doesn't prevent an internet service provider, like Comcast, from monitoring your activity.

Just 39% of those surveyed knew broadband companies could see your online activity even when you're in private browsing mode.

privacy checklist how to

Myth 3. Turning off GPS means no one can track me

Almost half of people surveyed either didn't know or were unsure whether disabling GPS prevents all tracking. Your phone's built-in location service is just one way data can be collected.

As Pew Research notes, your phone also connects to cell towers and Wi-Fi networks, and connection to these technologies allows tracking too.

Myth 4. My password is enough to protect me

Strong passwords are good, but security experts also recommend using two-factor authentication for account security. This means you must have a second login, like a security code sent to your phone, to sign into accounts. It prevents hackers from getting into your account, even if they know the password.

Just 10% of adults can identify one example of two-factor authentication.

Related: Your data is not safe. Here's how to lock it down

Pew Research published a quiz to let people test their cybersecurity knowledge. If you're curious about how to better protect your data and prevent hacks, CNNTech has reported on basic security measures to help you get started.

There is some good news from Pew, however: A vast majority of people can correctly identify a strong password, which includes one with random letters, numbers, and symbols. And 73% know using public Wi-Fi is bad for secure activities, such as paying bills online.

CNNMoney Sponsors