5 steps to securing your email account
Your email address is what most of the websites and apps of this world use to uniquely identify you.
This is based on the premise that
- no one else has the same email address as you; and
- you, as the owner of this email account, are the only one with access to it.
Your email account is the most important asset you have online because you rely on it to recover forgotten passwords from other websites. It’s also where websites like Medium and Slack will send you a Magic Link — a way for you to login without having to enter a password.
The problem is that if someone has access to your email account, they could easily gain access to ALL your other accounts.
Think of your email account as your master key for your online identities.
All that someone that has access to your account need do, is look at your subscriptions, go to the corresponding websites and request new passwords. Not only are they in, but you’re out. They could also delete the emails confirming you’ve changed your password so that you wouldn’t even know they have access to your stuff.
At this point in time, you’ve lost at the game of protecting yourself online.
You don’t want that to happen, do you?
1. use a different password for all your important accounts, but especially for your email account.
This is the most important tip in this list, please don’t ignore it.
Even if now you don’t have time to change all your other passwords, go change the password for your email account to something unique.
In simple terms, you need to have different passwords for different accounts because if a malicious person has one of your passwords they can try it on other websites. A data leak from a hacked website may compromise your email address and your password so make sure it’s unique.
You can check if your email address has been compromised in one of the (known) leaks on https://haveibeenpwned.com.
2. protect your phone and your computer with a code so that if they get stolen, the thief has no access to your email account.
3. enable 2 step authentication if your email client supports it, so that even with your password, a malicious person does not have access to your account (unless they also have your phone — see tip #2).
4. use a strong password. Here is a scary article showing you how easy it is to crack passwords.
5. use a password manager like 1Password or LastPass, so that you can have strong, different passwords for every website and remember them all.
6. revoke access to apps that have access to you account and that you no longer use.
7. be wary of public Wi-Fi networks, people could be monitoring the traffic — and your passwords. Even using a VPN is not always enough.
8. take action now, don’t delay it and don’t think this will not happen to you.
Here are some useful guides showing how to make your email accounts safer: Gmail, Yahoo, Outlook/Hotmail.
With the number of websites being hacked these days and the amount of data these hackers hold, there is a fair chance that at some point, someone, somewhere will have a go at getting into your email account.
Completely protecting one’s email account is not that easy, that’s for sure. But any of the tips above will take you a bit closer to a decent level of protection.
But don’t pass on #1.
#1 is always the most important.
Anything I’ve missed? Help me better secure my email account and comment below!
Originally published at medium.com on June 5, 2016.
