While opening an online account, we do invest a considerable amount of thought into choosing a unique and complex password, which we think, cannot be guessed easily by hackers and nefarious elements present on the World Wide Web. However, we still cannot be 100% sure that our email accounts and social media accounts will not be hacked. Online banking accounts are equally, if not more, vulnerable to hack attacks and in most cases, hackers are able to break very complex codes with relative ease.
most people have dozens on accounts on the Internet – from email accounts such as Gmail, hotmail, Yahoo mail to Facebook, MySpace and Twitter accounts and a string on online banking accounts. Each of these accounts has a considerable bulk of sensitive data and critical information it must be kept absolutely secure. Therefore, it is imperative to spend some time evaluating the online security and recovery solutions for each of them. In fact, following a few simple steps, listed below, can help you improve the overall online security of your accounts whilst also streamlining your workflow and increasing your peace of mind:
Enable the ‘always use HTTPS’ settings for your email accounts just as Gmail, social networking accounts such as Twitter and Facebook and all other online accounts that support secure HTTP. This must be kept in mind especially when you are accessing your account from an unprotected Wi-Fi connection or network in a public place. Without HTTPS, anyone, including a layman, can use an uncomplicated Firefox extension by the name of Firesheep, to capture your account log in details.
- Go for the 2-Step verification on all your Google accounts, including Gmail, Facebook, LinkedIn and a host of other online accounts that can be accessed using a single login id and password. This will ensure that anyone trying to log into to your online account through a different computer will have to type in an additional verification code that is sent directly to your mobile phone as a text message or over a voice call. Since the chances of this person having your mobile phone too are bleak, your online account will stay protected. Additionally, the 2-Step verification will also help you know of any unsolicited activity happening on your account. If you ever receive an SMS or a voice call from Google that gives you a verification code, get alert. It only means one thing – somebody knows your online account password but is unable to log into your account without the second verification code.
- Connecting your Facebook account with your mobile phone is a great idea. That way, you will get an SMS or an email alert as soon as someone tries to access your Facebook account from a computer or cell phone other than your own.
- Review all third party websites that might have access to your online accounts. It is very important for you to cancel all the redundant applications that you do not use any longer. You can do the same for your Google, Facebook and Twitter accounts.
- Do you have more than one active email addresses? What is their purpose? Most people who have two email ids use one for professional correspondence while the other is only for a select few friends or acquaintances. The email address meant for the public at large are also linked to other sites such as Facebook, Twitter, YouTube, LinkedIn, Flickr, Skype and others to help people find the user on different social platforms through the email id. The other ‘restricted’ email id is generally for services like online banking, PayPal, Amazon, Google Apps, Apple iTunes and others where the security of online accounts is of top priority. Therefore, it is best to prioritize your purpose of having more than one email address to restrict its knowledge to select few people or websites. That would considerably reduce the chances of your online accounts of getting hacked.
- Are you using a new online service? Remember never to use or give your primary email address to open an account. Should you require, it is advisable to create a disposable email id to be able to create a test account and log in to the service. While most genuine addresses might reject disposable email ids in order to prevent fake registrations on their site, you can try your luck using alias names or nick names of your primary email id.
- Do you shop online? Which mode of payment do you select? Do you frequently use your credit card for online transactions? Your account might be quite vulnerable to hack attacks! The best way to ensure online security and protect your online accounts is by using virtual credit cards for payments on shopping sites or e-commerce sites, especially those where you are making an online transaction for the very first time. Also beware of long fine prints since there is a chance that you will get billed again if you do not cancel the account. These small cautionary steps will help you provide maximum protection to your online accounts, while also keeping your credit cards safe from unknown websites.
- What do you do if you forget your online account password? Losing passwords may indeed land us in a big fix. Therefore, it is always suggested that you check out the password recovery options on your primary email accounts every now and then. Also, it is a good idea to have a secondary email account where you can recover your password just in case you cannot access your primary account or in worse case scenarios, your mobile phone gets lost too!
- If you have two email ids, never ever set one as the recovery option for another. If you do this, you virtually invite the hacker, who has already logged in to one account, to log in to the other too.
- Last but not the least, use a password manager to remember and manage all the different passwords that you might have. Compile all your information pertaining to log in details and their corresponding passwords at one place, make that document password protected and place it on Dropbox so that it can be accessed from all your computers. If you travel often and require your family to access your email accounts while you are away, you can have a hard copy of this file along with the backup verification codes, required to use a particular Google account through a Google prompted password sent on mobile phone, to access that particular account.
A stitch in time saves nine and these simple tips, if followed proactively, can help you protect your online accounts in the most effective manner.
This article by Frank Johnson is the first in his series on online security.