It seems like every day there is news about some company being hacked and thousands or millions of customer records being stolen. That’s your personal information out in the wild now. That email and password will now be used on every major website like Amazon and Facebook and Google with special software that tries thousands of times per second, knowing that we are all guilty of using the same password for everything we do online. The ultimate end goal is usually ransomware or identity theft. There are four steps you can take: identifying problems, securing yourself, covering your tracks, and insuring yourself.
Step 1: Identifying Problems
When a company is hacked and customer passwords are stolen, they are bundled in to a database and sold to the highest bidder. The website Have I Been Pwned scours the known lists of sold logins to see where your email has been found (my personal email was found in 5 different compromised companies!) This is a good time to change your passwords on any known compromised websites.
How do I know if someone else is in my accounts and how do I get them out? For Facebook, Google, and Yahoo you can see where else you are logged in and force them to sign out. Just know that if you do see a list of 10 computers where you are logged in, it doesn’t necessarily mean you’ve been compromised (some apps use your Facebook account as a log in) but doing this once every few months is a good practice anyway, like vacuuming under the couch.
Step 2: Securing Yourself
Using the same password for every website is obviously the easiest solution but also the worst. Keeping a spreadsheet or notebook of different passwords is better, but a spreadsheet is not secure and a notebook can be lost. Using a popular password manager like 1Password or LastPass is the best and most secure solution. These apps will recommend secure and unique passwords, make logging in to everything for you easy, and be with you wherever you are whether you’re at home, at work, or only have access to your phone. While the password manager apps make getting started very easy, it will still be time-consuming.
Setting up 2 factor authentication is a step above and beyond using strong & unique passwords. Google and Facebook often act as our portal to the wider internet, so having a strong front door is a great defense.
Freezing your credit stops identity thieves from opening credit card accounts or loans in your name, it isn’t free but is worth the potential months of unwinding that could result from having your identity stolen.
And lastly, stop getting interrupted by spam and scam phone calls. The government’s Do Not Call registry only works if you sign up for it and report abusers. Hiya is a free app for iOS and Android that uses a known and growing list of scammers to block calls and text messages from ever reaching your smartphone.
Step 3: Covering Your Tracks
I use a slew of apps and plugins to help keep my online activity private and secure.
- HTTPS Everywhere makes sure your web browser uses the encrypted version of websites when available (you’ll see a little padlock in your address bar)
- Ghostery prevents websites from following you around the internet and blocks advertisements
- 1Blocker does the same as Ghostery but for iOS devices
Step 4: Insuring Yourself
You’ve now plugged any holes and secured all defenses. But what happens if that isn’t enough? Opus 111 Group offers Identity Protection through LifeLock as a backstop. Think of it as buying insurance for your identity.