Skip to content

Misconceptions about cybersecurity

There are many incorrect tips and misconceptions about cybersecurity on the internet. On this page, we will examine the most common myths and explain why they are wrong.

Myth: Biometric Authentication should be disabled

Many people think that Biometric Authentication (fingerprint, face recognition) is less secure than a password and recommend disabling it.

Reality

In modern devices, Biometric Authentication is very secure and significantly improves device protection:

  1. Biometric data is stored in encrypted form in a special secure zone (Hardware Security Module / Secure Enclave).
  2. It makes using strong passwords easier, since the user doesn't need to enter them frequently.
  3. Biometric Authentication protects against "shoulder surfing" (when someone watches you type your password).
  4. If you have Biometric Authentication disabled on your phone, this necessarily means you are also using a very simple password.

Mobile operating systems have the ability to quickly disable biometrics in cases where you think you might be forced to pass Biometric Authentication:

iOS: press the power button quickly 5 times, or press and hold the power and volume up/down buttons for 3 seconds.

Android: press the power button and select Lockdown.

After this, the next unlock of the device will only be possible with a password.

In general, in case of a threat, the best solution is to completely power off the device.

Myth: Incognito mode provides complete anonymity

Many think that browsing in incognito mode makes them completely anonymous on the internet.

Reality

Incognito mode only locally deletes browsing history and cookies. It does not protect you from:

  1. Your internet provider
  2. Websites you visit
  3. The network administrator

It is better to use a VPN, but remember that even this does not provide anonymity. Complete anonymity is a complex topic and the risk of making a mistake at every step is very high.

Myth: A strong password alone is enough

Many think that if they have a strong password, their account is secure.

Reality

A strong password is important but is not enough:

  1. Multi-factor Authentication (2FA) is essential for additional protection.
  2. Using a Password Manager allows you to have a unique, strong password on every account.
  3. Regular updates and safe browsing practices are also essential.

Myth: Installing antivirus software is necessary

Many think that installing additional antivirus software is necessary to protect their device.

Reality

Modern operating systems already have built-in antivirus protection, which is sufficient to protect against most threats:

  1. Windows has Windows Defender, macOS has XProtect and Gatekeeper, while mobile operating systems (Android and iOS) have powerful built-in security mechanisms.
  2. Additional antivirus programs often reduce system performance and may themselves become a source of security risk due to their high privileges.
  3. User behavior (e.g., clicking suspicious links, downloading programs from untrusted sources) remains the main risk factor, which no antivirus program can solve.

Instead of spending resources on additional antivirus programs, it is better to focus on regular system updates, using strong passwords, and practicing safe internet behavior.

Myth: Certain browsers are absolutely secure and private

According to some recommendations, specific browsers (for example, Brave or Firefox) are absolutely secure and private, while others (for example, Chrome) are not.

Reality

Browser security and privacy is a complex topic and there is no single, ideal choice for everyone:

  1. All modern browsers collect and transmit large amounts of information to websites about you and your device, which is necessary for their functionality.
  2. While some browsers (e.g., Brave) may offer better privacy protection with default settings, this may create a false sense of security.
  3. Many popular browsers (Chrome, Brave, Edge, Opera) are based on Chromium, which means there are many similarities between them from a security perspective. The differences are mainly in additional features and privacy settings.
  4. The security of any browser significantly depends on user behavior and configuration settings.
  5. Popular browsers receive security updates more frequently and faster due to their large teams and resources.
  6. When choosing a browser, consider your needs, convenience, and the fact that regular updates, user behavior, and proper configuration are more important than choosing a specific browser.

Instead of relying on one specific browser, it is important to:

  • Regularly update your browser
  • Use safe browsing practices
  • Install trusted extensions to improve privacy (e.g., uBlock Origin)
  • Use a VPN when needed
  • Know that absolute privacy on the internet is practically impossible

Use the browser that is most convenient for you, but don't forget general security practices.

Conclusion

Cybersecurity is a complex and constantly evolving topic. It is important to obtain information from trusted sources and critically evaluate common advice. Always verify information before taking security measures and don't forget that the balance between security and convenience is often the best approach.

Help