Find Your Email Address to See If Your Password Has Been Stolen
Surely you’ve Google yourself at least once to see what’s going on (or to see which awkward photos and blog posts you need to remove from the internet before your boss finds them). While searching for yourself might yield some predictable results – your LinkedIn page, any mentions of you in the local newspaper, obituaries for other people of the same name – talking to a friend about a data breach led me to find something I rarely need to find. : my own iCloud email address. This search led me to a sketchy blog post filled with information that could not be posted on the Internet, namely usernames and passwords. If, like me, you thought your safety hygiene was under control, this quick search might be a rude enough awakening to inspire you to take a few steps to further protect your privacy.
One weak password can break your security chain
The username / password combination I found while looking up my email address belonged to an old streaming service that I used in 2015. Although I have since turned down the service, I was worried about what other personal data was moving on the air, and embarrassed that I had been compromised with a password that I always wanted to retire.
The password was used for more than just HBO subscriptions. I have used it in the past for bank accounts, social media pages, and other sites that I knew I would like to try a little, usually with a slight change to the original each time. While I was not alone in my compromised state (the list included dozens of now defunct accounts), the fact remains that I am still a potential victim. This was a weak link in my data protection chain that needed to be replaced with something more reliable and capable of protecting me.
Get rid of the old password
Before you start to create permutations of the single passphrase you used from college, know this: You are entering the wrong passwords. (And if your password is a series of phrases, not a string of characters with numbers or symbols, you need a new way to create passwords .) First, you must get rid of the cracked password as soon as possible, as well as everything else. slightly modified versions that you use for different accounts in an attempt to protect them from intruders.
While you’re at it, you should look at your most used accounts to see which passwords need updating. This is where password managers come in. In addition to tracking (and in some cases creating) your secure passwords, these services may also do an initial assessment to determine if your passwords are bad . More about them below:
Get a password manager already
Failure to use a password manager is mostly a nuisance. Password managers not only make it easy to create strong passwords for all your accounts, but they can also be integrated into your web browser using extensions or into your smartphone with an add-on, making it easy to access your personal information wherever you are. while keeping your personal information safe.
With a password manager, you can abandon the old method of remembering passwords for each site or writing them down on a piece of paper that you pin behind your computer monitor (such a bad idea, by the way). While I use 1Password ($ 35 a year), there are other options like LastPass ($ 24 a year) and KeePass (free) that offer their own unique features in addition to simple password management.
You don’t need to change them all at once; I change one to two passwords every other day, which makes the process less intensive, but also obviously slower. If you have time, you should create new, updated passwords for as many accounts as possible as soon as possible. Better safe than sorry.
Include Two-Factor Factor Wherever You Can
Add another layer of security to your accounts after changing your password using two-factor authentication . Forms of two-factor authentication include entering one-time codes sent via SMS when you try to log in, or randomly generated codes from a two-factor authentication app like Authy or Google Authenticator that you enter after you try to log in. Both methods help prevent people who have obtained your registration information from accessing your account, primarily because they do not have access to your phone’s text messages and applications.
Turn on two-factor authentication for email accounts, financial accounts, social media profiles, or any site that stores your personal information, such as a cloud storage or online store. A good rule of thumb to follow when dealing with sites that don’t use some form of two-factor authentication is to use a secondary or dedicated spam email address .
Unsubscribe (within reason)
Your email address provides a lot more information than you think. All those newsletters, discount codes from your favorite lingerie retailer, and last minute deals at some store you shopped at three years ago have your email address. And not everyone keeps it as safe as you would like to believe.
You should probably be aware that your experience can vary when it comes to unsubscribing and reducing the number of emails that arrive in your inbox. More reputable sites can honor the sacred click “Unsubscribe”, but the e-mails from the less-than-ideal senders often include failure buttons subscription to confirm that you have read their e-mail, and, well, Well , send more debris your mailbox .