Every few weeks brings another report of email and other personal account information being stolen from a major corporation. Last month, Yahoo revealed that more than 1 billion accounts had been hacked. Victims of the hack have been notified by Yahoo, but this may leave you wondering if one of your many accounts across the internet has been exposed, but how do you tell?
There are a slew of sites out there that consolidate the publicly available details from all the major hacks and let you search to see if your email is among them. Some are more useful than others, and some may simply be fronts for email harvesting services, so you need to be careful which you use. Our favorite, haveibeenpwned.com, tells you whether your information has been stolen, where the hack occurred and which of your personal details were compromised (e.g., user name, password, password hints, etc.).
So what do you do when you find one of your accounts has been compromised? It's time to create a new password and I don't mean your birthday, pet's name, the word 'password' or any word, for that matter. You need your password to be smart, but not so complex you forget it.
Try for at least 8 characters (the longer the better), with a mixture of upper and lower-case letters, numbers and, if the site or service allows, special characters, such as “!,” “#” and “?.” It should be something you can remember easily. A long sentence works well when you take the first letter of each word and then substitute the vowels for numbers or symbols.
For example: The quick brown fox jumped inside the orange box and slept = Tqbfj1t0b&s
We recommend creating a different password for every site and using a password manager program to keep track of them all. There are both browser password managers and app-based services.
Use two-factor authentication—where you have to enter a password and a code (usually texted to your phone)—on any site or service that supports it.
And remember that when it comes to setting up new passwords, it's smart to lie when filling out password security questions. Most of the questions have answers that can be easily discovered by basic Google searches about you.
You can never be too careful with your privacy on the Internet.
Updated on 11/19/2017
[username on hook image via Shutterstock]