Table of contents:
- How to check if your password is secure
- What to do if the password is stolen
- How to protect yourself in the future
2024 Author: Malcolm Clapton | [email protected]. Last modified: 2023-12-17 03:44
List of emergency measures to protect personal data.
There are often recommendations on the Internet on how to come up with a complex password and protect it from theft. But what if it has already hit the Web?
How to check if your password is secure
A day later, the media reported on another portion of compromised passwords. It is often not difficult to crack a password, because the top The 25 Most Popular Passwords of 2018 Will Make You Feel Like a Security Genius of the most common are still led by those that are easiest to type with one hand (qwerty, 123456 or "difficult" 1q2w3e4r).
Even if you are 100% sure that you are using strong passwords, stay vigilant. After all, often the leak occurs through no fault of the user.
For example, when attackers intercept and decrypt data, or because of the negligence of companies that store data in the public domain, as was the case with Facebook.
The fact of leaked logins / passwords can be checked on special services: through Have I’ve Been Powned (HIBP) or using the Password Checkup plugin from Google.
Application not found
HIBP even has a special mailing list: it allows you to receive an automatic notification if an email ends up in databases that have been leaked recently.
What to do if the password is stolen
Found your details or suspect that the login / password pair is surfing the Web? Read the recommendations urgently. They can be applied to almost all popular services.
1. Terminate all active sessions
This function is available in the settings of most popular sites and applications: Google, Telegram, VKontakte and others. It will allow you to instantly log out of your account on all devices, except for the one from which you clicked the button. This action will save you if the attacker has already logged in, but has not yet managed to change the password or the mail linked to the account.
2. Connect two-factor authentication
At the entrance, the service will ask for not only a password, but also a confirmation code, which, for example, is sent in the form of SMS to a personal number. A two-factor is something like a bicycle lock: it increases the time it takes to hack and the cost. In my opinion, this should be done before changing the password, but here as you like.
3. Change the password to one that will not be hacked
This means that it must be unique and cryptographically strong. This is a password that is not in the dictionaries and which an attacker will spend a lot of time guessing. Passphrases are now considered the most reliable. This is some kind of relatively meaningless, but easily remembered sentence, which is typed in a different layout. The presence of numbers, symbols and capital letters will, of course, only strengthen the password.
How to keep in mind another long and complex password? Choose a compromise path for yourself. For example, store this information in a text file "Notepad", which will be archived, and put the archive under a complex master password. The second option is to store information in special password managers. The essence is the same: you remember one master password from the repository, which contains all the others.
4. Check your security settings
The data in them could be out of date. How long ago have you checked the answer to the secret question from your mailbox, which came up 10 years ago? What about the list of trusted devices? It is possible that your mother's maiden name has become known to the whole world, and the old mobile phone that you gave to your friend's brother still has access to your account.
How to protect yourself in the future
After you have taken all the emergency actions, take preventive measures.
1. Create at least two mailboxes
One is for registering on important services: on state portals, banking resources, in social networks (what is considered important, you decide, of course). It is better to keep this email as a passport and not to shine anywhere.
The second is for minor resources, where an account is needed to leave a comment or download a book. For these purposes, you can use the so-called temporary Mail services, where you will be given a mailbox that will be valid for 5–20 minutes:
- CrazyMailing;
- 10 Minute Mail;
- 20minutemail !.
2. Store data on the Web only in encrypted form
The simplest way: if you really need to upload important data (which, of course, it is better not to do in principle) to the cloud or send it by mail, encrypt it on your computer and only then upload it to the Network. The simplest way: data - into the archive, archive - with a password.
3. Explore the security settings
- Create a list of trusted devices. In the service settings, connect and list all the gadgets on which you open your personal account. New devices are confirmed additionally - for example, via the phone number linked to the account.
- Specify backup contacts to restore access. Additionally, the specified email or phone number will help restore access to the page if the attacker suddenly changed the password to the account and you cannot log in.
In fact, the only way that guarantees 100% data security on the Internet is by refusing to transfer information over the Internet. But this is utopia, and if you have to use the benefits of the Global Web, it is better to be savvy in matters of security.
Recommended:
How to unlock your phone if you've forgotten your password, PIN or pattern
Panic aside. A detailed Lifehacker instruction will help you unlock your smartphone or tablet on Android or iOS
How to find your phone if it's lost or stolen
Slap your pocket, but don't feel the weight of your smartphone? Do not panic! Here's how to find your phone
A stolen smartphone can be used to steal your money. Here's how to protect them
Losing your smartphone can easily result in the loss of funds from your accounts. We tell you how to protect your smartphone, and with it your money
How to stop worrying about your password being stolen
Lifehacker once again explains what 2FA and KeePass are, and most importantly - why and how you should not neglect the security of personal data
What's Wrong with Emma Watson's Stolen Bows
Rarely does one get a chance to see the everyday looks of celebrities. But yesterday such an opportunity appeared. Thank you hackers for the photo of Emma Watson