It’s what you do that matters.
In general, no, but there are exceptions.
Whether your computer is on or off is rarely the issue. There are other things that matter more.
Become a Patron of Ask Leo! and go ad-free!
Is always-on more dangerous?
As long as you’re behind a router to prevent random outside attacks from reaching your computer, and as long as you’re running software you trust from sources you trust, then running your computer 24 hours a day does not significantly increase your vulnerability to hackers. Using your computer securely protects you whether you’re actively using it or not.
Get thee behind a router
You probably have a router, as that’s the device that allows you to share your single internet connection among all of your internet-connected devices.
A router acts as a fantastic firewall, preventing outside threats from reaching your computer uninvited. Even if you have only one internet-connected device,1 I still recommend using a router for this reason alone.
If your computer is not connected to a router — meaning it’s connected directly to the internet — then yes, you are at higher risk of compromise for every moment your computer is running. Theoretically, the security software on your computer will protect you, but this is also where unpatched vulnerabilities really come into play. If an outside attacker can reach your machine and exploit such a vulnerability, your machine can be hacked.
Use a router. The good news is that you probably already are.
It’s what you do that matters most
Note that I said a router prevents outside threats from reaching in to your computer uninvited. That last word is critical.
Most malicious software gets to your machine because you invite it in. For example, a router can’t protect you from downloading and opening a malicious email attachment. Your security software might; in fact, it probably should, but there’s no guarantee.
You probably understand that. The real question is whether your machine is more vulnerable while you’re not using it.
It depends on what the machine is configured to do while you’re away.
It’s what your machine does that might surprise you
You may think that when you leave your computer, it just sits there quietly waiting for you to come back, but it’s not that simple. Your machine may do things like download software updates and sync data with other devices using tools like Dropbox or OneDrive. Those actions could download malware.
Having your machine off doesn’t really prevent it, as it would happen the next time you turned your machine on.
Ultimately, it really comes down to making sure you use only software you trust from sources you trust, because anything you install has the potential to download more without your knowledge.
I leave my machine on 24 hours a day. Yes, leaving it on all day means that it’s more ‘available’ for malicious activity than if I turned it off when not in use. But, honestly, if malicious activity is going to happen, it’ll just as likely to happen while the machine’s in use as it is when not.
I secure myself by:
- Having a router between my computer and the internet.
- Only running software I trust.
- Only getting software from sources I trust.
- Backing up regularly so that if something happens I can easily recover.
I recommend you do the same.
I also recommend you subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.