It has recently come to light that there was a critical flaw in internet security known as the “Heartbleed Bug”. Most people will want to take steps to protect their various online accounts from this flaw, and that generally means giving yourself a password and security audit. Here are some steps to take that will help protect your accounts from this flaw.
First steps
Change the passwords on your important accounts
These include your bank(s), social media accounts, and most importantly your personal email account. Use a unique password for each. Hackers know most people use one or two passwords, and once they get one right it’s all over. Currently it’s best to use a long phrase of semi-random words for your password, like “MonsterBatteriesJumpShip”. They’re fun to make, easy to remember, and hard to hack. Tip: use this site to see just how secure your password is.
Monitor your accounts for suspicious activity
Check to make sure there aren’t unauthorized transactions on your credit cards, mysterious withdrawals from your bank, spam sent to people in your email contacts, or posts made to Twitter or Facebook that you didn’t make. The sooner you catch something, the better off you’ll be to correct them when you contact customer support.
The second factor
Many internet sites now offer what is called “two factor authentication” or “two step verification”. In a nutshell, if you enable it, you’ll need both your password and your mobile phone to sign in. This is more secure than having just a single password.
We published a guide on enabling two factor authentication in Google. Other services also use two-factor authentication and many of them support the Google Authenticator app so that you can have all of your second factor passwords in one place.
Two factor authentication is probably the biggest step you can take to protect your data, because if a bad guy gets into your email, they can then use the “forgot my password” feature to reset the passwords on your other accounts and then wreak havoc.