With the recent attacks on Twitter late last week, the issue of protection and privacy has risen to the forefront. While only 250,000 users were affected by the recent security attacks – a drop in the ocean since the site has roughly 200 million active users – protecting your social media accounts is vital if you don’t want them falling into the wrong hands.
However, simple measures like passwords are things that we don’t put much thought into. How many of us have one or two general passwords that we use for all our accounts or the same four digit PIN for our phone and accounts? Just thinking about it only makes you realise how much trouble you would be in if this actually came to pass. It’s always better to be safe than sorry so now’s the perfect time to reconsider how you protect your accounts.
By right, you should have a unique password for every site you’ve signed up to. However, the mind can only retain so many things so realistically, the more sites you’re signed up to, the more likely you are going to rely on the same few passwords to access them. If you list out all the different social media sites, email addresses, e-commerce sites (Amazon, eBay, etc.) and apps that you’ve signed up to, chances are that unless you’ve been very selective, you’ve signed up to a large number of them.
We would guess that the average person has roughly 20+ accounts altogether, including redundant or inactive accounts. That’s a lot of sites and a lot of ways for someone to access your account information if they discovered any of your passwords.
What you don’t want to happen is a domino effect, where cracking one account means that you can access all of them. What you do want is enough variety so that if one account does get hacked, there are enough measures in place so that your other accounts are safe. Make sure that’s the minimum you’re aiming for when you’re putting together an effective password.
All protection begins with the simple password, a staple of all our accounts. While most of us have a go-to password when we sign up for a new service, there are some ground rules to follow if you want to reduce the chances of someone accessing your profiles. It doesn’t eliminate the threat entirely, but it will help lessen it considerably.
1. The Longer, The Better
Most sites require passwords to be six characters or more before they’re accepted, but really the longer you can make it, the better. Longer passwords take more time to crack so think about ways to lengthen it by combining words or characters that you can remember.
You should even try using your favorite quote or phrase from a movie, TV show or book you like so that it will be easier to remember. It’s recommended that your password should be more than 12 characters (16+ preferably) to lessen the chances of it being cracked.
2. Keep Characters Varied
Whatever your password is, using only the one type of characters isn’t good practice so don’t resort to just letters, use capitals, numbers, punctuation, and symbols to strengthen it so that it’s harder to crack. A good example to look at is Apple and its user accounts. Each user’s password requires one capital letter and one number minimum so that all passwords are strong. It’s a good idea to incorporate rules like this for all your passwords and make it harder for a person or machine to correctly guess it.
3. Add Complex Passwords
While it’s perfectly fine to settle for a four digit PIN, there are better ways of keeping your smartphone safe. For iOS users, you can change it so that it requires a more complex password to access your phone. If you go into settings, then general, you will see password lock. Here you can turn off ‘simple passcode,’ allowing you to enter in a more complex password.
Android users have a more varied pick to choose from. Alongside the four digit pin, you can select a nine-point unlock system, password, and face unlock system to keep your device secure.
4. Check Your Password’s Strength
If you’ve come up with a few password suggestions, why not test them out and see just how strong they are. There are a number of sites which lets you do this, but one of the best is howsecureismypassword.net. The title is rather self-explanatory and it will tell you just how long it will take for a desktop PC to crack your password.
5. Use Your Phone/Tablet As Storage
Know that note taker that every phone has. It’s also a handy way of storing any hard to remember passwords for future reference. You will always have your phone on hand, so referring to it for accounts that you’ve recently created is good provided you take the right precautions.
The only two things to keep in mind is that you should use some type of password protection on your phone to ensure your other passwords are safe. Using a PIN-type password is fine, but you should use something a little bit more thorough if you resort to this method.
The second thing is you should bury said notes as deep within your phone memory as possible. Put your notes in folders, keep most of them separate, or mix them into other notes or files. Also, don’t mark your notes as anything that would imply that they’re passwords or even say what accounts they’re for.
6. Log Out
It doesn’t hurt to log out of a site when you’re finished with it. Really, you only log in to four or five sites regularly so the worst that you will have to endure is a few extra seconds typing in your password. The alternative is letting the person who gained access to your computer to access all of your accounts, making those extra seconds spent a small price to pay.
Social Media Accounts
While most social media accounts follow the same protocol when an account is compromised or hacked, there are ways to regain access to them. If you’re having problems accessing one of your accounts, here’s what you should do.
If you’re unable to access your account, the first thing you should do is go to Facebook’s hacked section. If you’re signed in, just follow the instructions to secure your account. However, if you’re not signed in or can’t sign in, you can send a report through this page saying that your account has been hacked.
When you regain access to your account, it’s a good idea to review all apps on your profile in case one of them was responsible for the problem.
8. Twitter & LinkedIn
Twitter doesn’t have the same security features as Facebook and so the only thing you can do is change your password. There are two ways to do this: If you can log into your account, go into account settings and access the ‘passwords’ tab to change it. If you’re unable to log in to your account, then you will need to request them to change your password through the home page.
When you’ve regained access to your account, it’s best to review and remove any apps that might be suspicious, and delete any spam tweets or DMs that were posted to your account.
LinkedIn follows the same principal, allowing you to change your password by requesting it through this link. Much like Twitter, a link to help change your account password will be emailed to you so you can change your password.
9. Google & YouTube
Since there are a lot of Google products you could be using, all of them tie into this overall dashboard. If one of your Google accounts has been compromised, it’s safe to assume that all of your accounts are in trouble.
Alternatively, if you’re having problems signing in, go to the sign-in page and click on ‘Can’t access your account?’ where you can get either your username or your password. If your account’s been compromised, you will need to click on help at the bottom of the page and report the problem you’re experiencing.
A good idea would be to sign up for Google’s two-step verification process. This uses both your password and your phone to keep your account safe and is well worth signing up to.
10. Use A Password Manager
If you want to add an extra layer to your password protection, there are a number of password managers out there to hep you. Here are three that are definitely worth considering.
Cost: Free (Limited Features) $12 a year
Platform: All desktop and mobile platforms
Similar to 1Password, Lastpass generates and saves passwords so that all of your data remains safe. The freeware version is good enough to justify trying it out, but opting for the paid version will provide you with extra functionality such as syncing across all mobile devices.
Platform: All desktop browsers
KeePass is a free open-source program that punches above its weight. With a wide range of features such as multiple user keys, password groups and database transfer, the fact that it’s free to download means that it’s definitely worth considering.
Cost: Free (30 Days), $24.99, $34.99 for Windows & Mac bundle
Platform: Mac, Windows, iOS, Android
Definitely one of the most popular password manager apps out there, 1Password helps users create strong and unique passwords for their accounts. As well as remembering and storing them in your Web browser, it ensures that all your accounts are protected and only requires you to use the one master password to access them. 1Password also makes good use of the cloud to keep it in sync with all your devices, making it a handy tool.