Your existence is scattered across the internet. You likely have accounts at forums you haven’t been to in a decade, and social media services so bereft of users they resemble graveyards. And each and every one of those accounts is a potential avenue into your private life for a hacker. So you need to secure them.
These are some of the best ways to keep those accounts secure — and they’re all quick and simple to do, so you’ve got no excuses.
1) Close the accounts you’re not using
Here’s what happens to your old, unused accounts on the web: They get hacked. And sometimes they lead the way to the more valuable accounts that you really do care about, so it makes sense to keep the number of accounts you’re using down to a minimum. As an added bonus it means you’ve got fewer usernames and passwords to worry about.
2) Set up a password manager
Speaking of usernames and passwords, there are apps that can help out here. Not only do password managers like 1Password or LastPass manage all of your various login credentials for you, they can also generate ultra-secure passwords, saving you from having to remember lots of different ones or resorting to using the same one for everything.
3) Add two-factor verification
We’ve been banging the two-factor verification drum for a while now, and you can set it up on most online accounts, including ones for Apple, Google and Microsoft. It means even if someone gets ahold of your username and password, they won’t be able to log into your account on a new device without an extra code delivered over SMS or through an app. Which means they will need physical access to your devices.
4) Protect your password resets
How easy is it for someone to reset your passwords? If one of your email addresses gets compromised, your social networks could be next, but there are ways to stop this — like checking the Require personal information to reset my password tickbox in Settings on Twitter (under the Account tab), and ensuring your “secret questions” are strong ones.
5) Check your account activity
Many of your online accounts let you check up on recent activity — you can head to this page for Facebook and this page for Google, for example — and it’s worth doing this regularly to make sure nothing seems amiss. You can typically log out of all sessions but the current one, and revoke account authorizations for any devices you don’t recognise.
6) Delete third-party account connections
There’s nothing inherently wrong with letting other apps and services connect to your Facebook and Twitter, but you should keep these connections to a minimum and remove any you’re not using, to block off any potential avenues for hackers to use. You can easily manage your connected apps online for your Google, Twitter and Facebook accounts.
7) Keep your software updated
Many a vulnerability comes through outdated software, so you should always make sure your operating systems and browsers are right up to date to keep your computer secure and by extension the online accounts you access through them. Thankfully, most software packages now auto-update seamlessly enough, so it’s not difficult to stay up to date.
8) Trust no one
You’ll hear this mantra a lot if you watch X-Files, and it’s one you should repeat to yourself whenever you receive an email or social media message with dubious contents. Beware of following links without any context and be aware that phishing scams continue to get smarter and trickier to spot. Think before you click and read up on the latest threats.
9) Get extra help
Unless you install something really sketchy and terrible, antivirus programs and other bits of security software can’t do any harm and may well do a lot of good — like guarding against the phishing attacks we’ve just mentioned. There are plenty of good free and paid-for security packages out there for whatever devices you happen to be using.
10) Specify your trusted contacts
If someone should boot you out of your Facebook account, you can get your friends to let you back in, as long as you tell Facebook who you trust beforehand — go to Security in Settings to set this up. It’s simple but effective: Facebook sends your friends one-off codes you can use to regain access, codes which they’re told to only pass on to you.
11) Change your passwords regularly
If you’ve got a password manager set up (see above) then this might be taken care of for you but whatever your situation you should be changing your passwords on a regular basis, and we do mean all of them. You’ve then got much less to worry about should a big batch of them become available to hackers, because you’ll likely have changed yours.
12) Use a secret email address
If someone knows your email address, they’re halfway to knowing how to log into your accounts — and these days it’s not that difficult to find out someone’s email address. Setting up a private email address (that doesn’t really relate to your name) solely for logging into your social media accounts is another way of keeping them more secure.
13) Do you know where your phone is?
Our mobile phones are gateways to many an online account so you need to keep them well protected. That involves both setting up remote wipe capabilities for if your device gets lost (see the instructions for iOS and Android), and making sure your devices are completely and securely wiped should you be selling them or passing them on.
14) Stay informed
One of the easiest but most effective ways of keeping your accounts secure is just to keep up with the tech news — something we can help with. If you know about the latest threats and breaches, and how to deal with them, you won’t be caught out. Of course, keeping your active accounts down to a minimum (see the first point) is going to help here too.
15) Install a VPN
We’ve written before about staying safe on public Wi-Fi and if you spend a lot of time in coffee shops or at hotels then the investment in a solid VPN application is well worth it. As well as letting you spoof your location if you need to, it also adds an extra layer of security to the data you’re sending and receiving, making it harder for anyone else to listen in.
16) Add PIN code protection
A PIN code or password login on your phone or laptop is all that stands in the way of passing strangers and your online accounts, so make sure there’s one in place. Whether your devices offer password protection, or fingerprint ID sensing, or facial recognition, or iris scanning, make sure there’s something there that stops other people from logging in.
17) Keep your accounts to yourself
On a related note, it’s well worth setting up your own account on your computer or your browser or your tablet to keep other people away from your important accounts. We’re not saying your toddler or your housemate is actively trying to hack into your Facebook but from a security perspective it’s always best to limit access as much as possible.
18) Watch what you share online
Your accounts are only as secure as the weakest links protecting them — and those links often involve someone impersonating you. Make sure personal details that can be used to verify your identity, like your home address, your birthday, or even what soccer team you support (is that your “secret security question”?) aren’t all over your social media profiles.
Originally published on Gizmodo Australia.