Don't Wait: Protect Your Account Now!Last Updated: 4/20/17
Yes, your email account is worth protecting.. trust me
Some people may read this page or maybe just the page title and think, "I don't use my email account much. It probably isn't worth the hassle to protect it! I can always make a new one!" Do not fall into this mindset. When you protect your online account, you are not protecting just your account. You are protecting every person you have every communicated to through your account, you are protecting every piece of information and personal detail that you forgot was mentioned in a past email, you are protecting every other online account you signed up for that is registered to that email address, your photos, your smart phone bacups, you contacts, and more. If you want to know why the hackers want your account read this: The Value of a Hacked Email Account — Krebs on Security - https://krebsonsecurity.com/2013/06/the-value-of-a-hacked-email-account/. No matter who you are or what you do with your email, hackers all over the world are targeting you and want to steal your email account. It is not "if you will be attacked", but "when you get attacked". Are you ready?
Here are somethings you can do right now to protect yourself from losing part of your online life forever
Update your recovery information:
Most online websites (Gmail, Yahoo, Facebook, etc...) allow you to give them recovery information. Most people don't understand the value of this, so they skip this step. This is how they reach you to reset your password or verify who you are to get you back into your account after you've forgotten the password or someone else has taken over your account. DO fill out this part of your account and UPDATE it at least once a year. Normally you just have to provide a different email address (ex: firstname.lastname@example.org) to be the recovery email address for your primary account (ex: email@example.com), and often a mobile phone number too. Just do it. Be sure to provide both a second email account and your mobile phone number. The use this phone number to text you verification codes to confirm who you are. Also, make sure that your secondary email account (ex: firstname.lastname@example.org) also has up-to-date recovery information too! Update Recovery Information Now: Yahoo! Recovery Info or Google Recovery Info. Also consider a Google security checkup!
Update and Save your account information:
If you are using a fake DOB or other fabricated information, be very careful. You need to either use your real information or fully use your online alternate identify. Do not blend them. it gets confusing and difficult. You can't prove who you are to customer service if you can't remember your fake birthday! You need to know, and have saved somewhere, all of the following information about your account:
- Backup/recovery email address. (as already mentioned)
- Mobile phone numbers. (as already mentioned)
- Date of Birth.
- Secret questions and answers, if they exist. many sites are moving away from this. Note: consider using a random password for each secret question answer and save the random answers in your password keeper.
- (!) Gmail / Google account creation date in case you need it to recovery your account. Use the welcome to gmail email or look for a date near the "POP download" gmail settings screen.
- Make sure you what other apps are connected with gmail: view connect apps now.
Choose a good password:
Don't reuse passwords. Everyone does, but they should not! If your email password is the same password as your other 837 accounts, then do yourself a favor and change your email password RIGHT NOW! Your password will still be the same on your other 837 accounts, but at least when one of those sites gets compromised they can't use the stolen password to take complete control of your email account too! Email accounts should be protected more than other accounts, because they are the key to unlocking all your other accounts!!
Enable two factor authentication:
This is the next level of security for those who value your online accout. I just enabled it for my account. This makes it so that an attacker has to have more than just your password to break into your account. Normally this means you have to have a password and something like a text message code.
Get a password keeper:
Password keepers are very secure (when used cautiously and you don't give the master password away by accident) and the cost starts at FREE and goes up to a few dollars a month. You have no good reason not to use one! Here are two popular options: KeePass (http://keepass.info/), save the encrypted vault where ever you want; or LastPass (http://lastpass.com/) your encrypted vault is saved to their cloud so you can access your passwords from any where, even from you smart phone. LastPass cannot open your vault without your master password.
Article Change log:
4/20/2017: After helping a friend with a real-time battle with a hacker in india, fighting to regain his google account, I have decided to update and expand this article. The hacker even factory reset his phone while we were using it, to slow us down. Now he cannot use his phone (no calls, no SMS, nothing) until he regains access to his google account.
4/26/2016: This article inspired by a recent message from a friend that reminded me how important it is to take safety precautions so you don't lose your email address or another account to hackers forever! It happens more often then you think.