Twenty years ago, the phrase “data breach” wasn’t even in the average person’s vocabulary. Today, however, it seems every other week brings news of another company’s data – your data – being compromised. Each breach means thousands or even millions of people’s personal, private information, available for anyone to steal, use, or even sell.
How can you protect yourself? You already have passwords on your accounts, so what more can you do? It turns out that there’s a lot more you can do to protect yourself – even when it seems like companies you entrust your information to, aren’t bothering to protect your data.
Only Sign Up For Accounts You Really Need
It sounds elementary; why would anyone sign up for accounts they don’t need? Most people, however, have signed up for all kinds of accounts and things they either don’t need or don’t even use. One way to see how many things you’ve signed up for is to go to Unroll.me and enter your email address. Chances are you have many accounts that you might not even remember signing up for – and they’re all in possession of at least your email address. In many cases, you might have given them your name, address, phone number, or even date of birth as well. That adds up to a lot of companies that have information about you that you may no longer want them to have.
Going forward, before you enter anything about yourself, stop and think about whether you really need that account. That goes for game websites, forums, and any other place where you need to offer information about yourself as a form of currency to gain something.
Stay Away From Social Media Quizzes & Surveys
We’ve all seen them; cute little quizzes are everywhere on Facebook and Twitter, promising to tell you what Disney princess you’re like or what your spirit animal is. Memes tell you to provide the month of your birth, mother’s maiden name, or street you live on to determine your ‘superhero name.’ All of these have one thing in common – they’re ways for others to gain information about you that they should not have. You probably wouldn’t tell a total stranger your mother’s maiden name, but you’d be surprised how many people will comment with that information on a Facebook thread or enter it into a quiz promising to guess your ancestry.
A safe rule of thumb to remember is that if something is asking for a piece of information you wouldn’t tell a stranger on the street or put on a billboard, walk away.
Use A Reputable Password Manager &Strong Passphrases
While passwords are on the downtrend in favor of more advanced solutions like biometrics, a strong passphrase is still necessary to help secure your accounts. Rather than using a standard password (many of which get reused and easily hacked), a passphrase of several unrelated words can be more secure. Don’t use a sentence from a well-known saying or a book; use words that are easy to remember but make no sense as a sentence. Something like “cape horse copper towel tablet” would work.
Using a password manager such as KeePassX or LastPass is another critical component of account security. You can store all of your passwords within the manager, and only have to remember one master password.
Don’t Leave Your Accounts Signed In On Your Phone
This might be the most inconvenient and challenging thing to do, but it’s one of the most important things to remember related to this topic. If you lose your phone or tablet or are the victim of a theft, how much would the thief have access to? You might think that a passcode will stop the thief from getting into your phone but there are ways to bypass a phone’s lock code. Once they’re into the phone, they have access to your email or texts. With email access, they could get into a host of other accounts – including your banking or other finances. With your phone, they may even be able to bypass your two-factor authentication for more secure accounts.
No one plans to have their phone stolen or lost, and it may never happen to you. It’s best to make sure that in case it does happen, there’s nothing in your phone that can give criminals access to your accounts. If you don’t leave your accounts signed in when you are done accessing them, if someone does get into your phone, there won’t be much for them to exploit.
You can’t control a company’s security practices or stop the next data breach from happening. You can’t even guarantee that your information will stay safe. You can, however, take steps to maximize your security, minimize risk, and do a lot less worrying about whether your personal information will end up in the hands of the wrong people.