I’ve taught courses on privacy rights for ten years and even though privacy rights have strengthened during that decade, each day brings more attacks on companies that hold your user data. This can result in real financial harm for Americans. For instance, someone opened up a Home Depot credit card in my name using information like my social security number and home address that they had stolen from a company database. This ended up costing me four hundred dollars in credit card bills for items I never purchased!

Short of advocating with Congress for increased privacy protections, what can you do to make your information safer? Here are three simple things that take less than five minutes each:

1. Use Two-Factor Authentication. Almost every major online company (such as Google, Facebook, Amazon and others) allow their users to implement two-factor authentication. If you haven’t already, turn that setting on. With two-factor authentication, when you login you are required to go through another step beyond entering in a username and password and enter in a third piece of information, usually a string of letters and numbers sent to your phone or email address. Since you own the phone or email address, entering in this third data point proves it’s really you logging in and not a criminal. Using two-factor authentication makes it difficult for hackers to steal your sensitive information because they have to jump through the same hoops to login and without your phone in their possession, they don’t have access to that third level of security. Here’s how Apple implements two-factor authentication.

2. Use a VPN. A virtual private network (VPN) helps mask your internet activity by routing your information through private, third party computers as you browse. Not only does this protect your information from hackers, but also from your internet service provider (ISP), i.e. Comcast etc. Sometimes using a VPN can also result in faster internet browsing speeds. It takes two minutes to setup and anyone can do it. Cloudflare provides a popular, free VPN service.

3. Keep Software Updated. This one is dead simple. Make sure your computer and mobile device operating system is always updated to the latest version. Turn on automatic updates to make this an even simpler process. Updated software often includes patches for security vulnerabilities and loopholes hackers can exploit.

We don’t have control over how companies secure their data, so that remains a point of vulnerability. There are a number of other steps you can take beyond these three, but the important lesson is to remain vigilant as you browse. A VPN and the latest software can be very helpful, but even these can fail if you don’t think critically before clicking on that suspicious email or website.