I have to admit: I used the password again.
This is the first security sin, but it was in the early 2010’s, I just left college and I couldn’t use any of the best password managers because I still didn’t know about them and they were still popular. In fact, I did not pay much attention to securing my digital life. It was a big mistake.
In 2013, Adobe was hacked and the attackers received a list of 153 million users and passwords. These passwords were not encrypted so that people read them – they were saved in a simple text – so once the list was over, the attackers needed to target the unfortunate Adobe users like themselves.
You can like
Only when I found out that a credentials were attacked. It’s much easier than the name. The assailants take the stolen users name and password and try their best on more sites. Think about it as tried all the keys at a closed door. Unfortunately, they joined my Microsoft account using the same password there.
It was a pressure time and telling that your email account has some of your most sensitive information, once they have access to this account, they can reset your password so that you can turn off from other websites and services. But I kicked them and soon learned how to protect myself from that time.
After more than a decade, the attackers are still trying to get into my account, but there is a significant difference – they can’t. So, I decided to explain how I learned from my mistakes and how you could easily improve your security to prevent the events that happened to me.
1. Do not reuse the password
(Image Credit: Proton)
Well, you probably already guessed the story, but when I got Adobe Hack, I presented the same important issue that I was using the same password on multiple sites. So it was easy for the attackers to use credentials and break my other accounts.
Like others, I also have a lot of passwords to remember that! I did not want to close with an account clearly, and the password reset form is not always so reliable, so I decided that the best way to process was an easy, easy to use on all sites.
I thought it was safe because it had numbers, capital numbers and symbols. It was not as dangerous as using “password” or “Pass W0RD”, but it was not far away.
The best way to avoid this problem is to use a password manager like 1 password or proton pass (my preferred option). They store all your credentials safely and can create long, complex passwords you use, but never need to remember. Most also have apps for your browser, computer and smartphone, so you always have access to your password.
2. Enable the verification of two elements
(Image Credit: Getty Images)
One of the reasons why the attacker enters some accounts is so that once they have your username and password, they can only sign in as if they are you. But what if you had a unique token to show that you are really you, and without it, no one can access your account?
This is the idea behind the two -element verification (2FA). If you have not used this on your personal accounts, you may have done it. It comes in different forms, but the most common are the six digit codes that are manufactured by an app or sent to your phone by SMS.
With your login details, one of these codes shows that not only do you know the username and password, but you also have a leading physical item that helps confirm that you are really trying to log in.
This is an effective way to remove the invaders from their accounts, even if your passwords are leaked. When I compiled this for my Microsoft Account (using the Free Aegie app on my smartphone), hackers continued to try to get into my account, but they could never do. This is an easy way to make your defense on the coast.
I just know that, however, Microsoft has a really useful account activity page that shows when and where the efforts come from and whether they were successful.
If you want even more security for your online accounts, you may also consider using the physical security key instead.
3. Delete unused accounts
(Image Credit: Future)
It doesn’t really say a lot: If you no longer use an account, delete it. Cleaning from time to time is good, and getting rid of old or inactive accounts means that your data is less likely to be damaged and less opportunities.
Not every site gives you an easy “account deletion” button, but if you go to the company’s privacy policy (usually attached to the footer below a website), you can find contact and send email so they can delete your data.
In addition, since I was hacked, in those years, authorities around the world have reinforced privacy regulations, so in many places, it is now a legal responsibility to comply with your business request. That is why you can work like deleting your Google account so easily these days.
4. Get the notifications from which I have been pw
(Image Credit: Have I been pw)
Yes, what I have been pvied, a security website has a strange name (PWN hacker slag to get unauthorized access), but this is one of the best free security resources to protect your accounts. Troy Hunt, the person behind the site, collects data from hex and can send you alert when your account is included.
That way, I would know that my details were leaked in violations of My Fitness Paul, Net Wet, LinkedIn and Last Dot FM, as well as many, many – usually in random sites I didn’t remember to sign up (and maybe my details were stored for at least a decade without my feeling).
It is easy to use when you need to change the password on the hack account and give you a lot of initial heads. Hack data can be dirty and difficult to confirm, so if you want to check if a specific password is compromised, there is also a searchable PWD passwords database.
5. Consider the clean start
(Image Credit: Future)
When the hackers were knocking on my virtual door, I used my hotmail email account for about 15 years. He had created a long history, and now it was a target, I decided that it was time for a new start. Only when I turned from Outlook to Gmail, and recently, the Protone Mail (which we rank as the best email service for security).
It was a lot of work – I won’t lie to you about it. Going into every account I had, changing the email address, creating a new password, and setting 2 FAs to suck a big time. But it was worth it. My current address has been included in just one leak (thanks, Twitter), and thus my data are less.
In addition, starting from the beginning meant that I could choose more deliberately. I became more and more in mind that I chose to sign up, where I have put my details and how I protected the account. I rarely use my original phone number unless I have to do, and I make sure I am out of marketing lists.
These are not foolproof techniques that will keep your account safe forever. Your data is at the mercy of whatever company controls the account. But that means that I have less security problems, I don’t have to worry that someone will come into my account (as they can’t) and I barely get a spam email.
More from Tom Guide
BIMANTHALLY COLD (Max
