Security is hard. Even the largest companies with high end and motivated security teams can be found vulnerable. I always operate as though everything I post or enter into a computer will be accessible and seen by everyone, including private information. The only truly effective strategy is to compartmentalize and make it as difficult as possible for nefarious actors. Three tips I would say you should implement into your online life are the following:
1. Use a different password for each and every site. Its bad enough if your data is spread around after a data breach, but you compound it if you are using the same email/username/password on various sites. Typically once your email and password have been cracked, hackers will use this same combination on popular sites to see if they can get into even more of your data. Let’s say you use firstname.lastname@example.org and Password as your email address and password for site A.com. Then will go to facebook and try and use email@example.com and Password to see if it works, then bank sites, other social media, online email accounts, on and on. If you are using firstname.lastname@example.org and Password on these other sites as well, then they just scored an easy hack. Use a unique password on each site, tools like Last Pass.com make it simple so you don’t have to remember them all, and of course, use difficult passwords or phase phrases.
2. Use two-factor authentication where available for your accounts. Ok, let’s say you have been using unique email/username/password for each site. You still don’t want some hacker getting into your account right? Well, the idea behind two-factor authentication is to require not only something you know like a username/password, but also something you have on you. A cell phone or other yubi type device utilizing authenticator technology is ideal. Text and email work too but are still susceptible. That way, even if your email/username/password is out for everyone to see on the internet, they still can not access your account.
3. Don’t use a debit card online, only use credit cars that offer online protections. Ok, so they can’t get into your account, but the site you were shopping on had weak security on their credit card numbers and there is nothing you could have done about that. Well, the credit card industry knows this so they have a process to get you taken care of, but make sure to monitor your bills! But it can be a must different type of problem if you used your debit card. They do not always have the same protections or process for a fraud that a credit card has, even worse, now your bank balance is suffering! Don’t use your debit card online, use a credit card and if you don’t have one, use a prepaid card.