3 Essential Account Takeover Tips (That Will Enhance Security to Protect Your Accounts)
(Posted on Thursday, September 26, 2024)
Account takeovers have become more common, and make no mistake, anyone can be a target.
One day, you’re logging into your email, social media, or banking app, and the next thing you know, your details are in the hands of a hacker. How many times have you seen family and friends post that their social media account has been breached and that they don’t know how to regain access?
It can be a terrifying scenario—but you can take steps to safeguard your digital life.
By following a few simple steps, you can significantly reduce your risk and keep your accounts safe.
Here’s why these tips matter:
- They work without requiring complicated technical skills.
- They protect you, even if you’re unaware of common myths about cybersecurity.
- They lead to long-term peace of mind by securing your digital identity.
Ultimately, these tips will help you stay ahead of potential attacks.
Tip 1: Use Strong, Unique Passwords for Every Account
The most common way hackers gain access to your accounts is by exploiting weak passwords or passwords repeated across your accounts. Strong, lengthy, and unique passwords are your first line of defense.
Here is a great example of what a strong password or passphrase looks like.
Now, I understand this feels like a lot to remember, but you can leverage a password manager, or write your updated passwords down in a notebook and keep it in a secure place.
Here is a great resource you can use for free to create unique and strong passwords or passphrases.
Did you know that the founders of Gemini, the Winklevoss twin brothers, distributed snippets of a printout of their private keys across multiple safe deposit boxes around the United States?
This ensured that even if thieves got their hands on a fragment of the private key, the others would still be outside their reach. You can read all about it here to understand the extreme lengths they went to in order to ensure their security. $1.2B of cryptocurrency was worth the effort to keep safe.
Here’s why all of this is important: If a hacker gets hold of one of your passwords, they can use it to access all of your accounts if you reuse that password. That’s how many account takeovers happen, especially for key accounts like email, social media, and banking.
One critical password most people forget to update is their iCloud password. Many users store their passwords in Apple’s Keychain, which is tied to their iCloud account. If a hacker gains access to your iCloud password, they can access all the passwords stored in your Keychain, as well as your linked devices.
This can give them complete control over your accounts—email, social media, LinkedIn, and banking apps. Here is a great resource from TechRepublic for more details.
Let’s take a real-world example: A person uses the same password for their email, social media, and online banking. If a breach occurs at one service, hackers can try that password on the person’s other accounts, and if it works, the person could lose control of their digital life in seconds. This risk is even higher if the hackers have access to the iCloud account.
To avoid this:
– Use a password manager to create and store strong, unique passwords.
– Regularly update your cloud-based account passwords, like iCloud, Google Drive, and Dropbox.
– Avoid using personal information, like birthdays or pet names, in your passwords.
– Don’t reuse passwords.
Many people think remembering unique passwords is too hard, but a password manager does the work for you. You can always sign up for services like LastPass or 1Password to handle it securely.
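The checklist above can be run as a self-audit. The following Python sketch is an added example, not part of the original post: it checks a password list for reuse, short length, and personal details, and shows which accounts fall together if one site is breached. The vault entries, personal facts, and 14-character minimum are constructed assumptions.

```python
from collections import defaultdict

MIN_LENGTH = 14  # assumption: the article says "lengthy" but gives no number

# Constructed sample data, not real credentials.
VAULT = [
    {"site": "email", "password": "Bella2015!"},
    {"site": "social", "password": "Bella2015!"},
    {"site": "bank", "password": "Bella2015!"},
    {"site": "icloud", "password": "copper-lantern-orbit-waffle-93"},
    {"site": "dropbox", "password": "tq7#Lm2p"},
]
PERSONAL_FACTS = ["bella", "2015"]  # pet name, birth year (constructed)


def audit(entries, personal_facts, min_length=MIN_LENGTH):
    """Return {site: [findings]} for every entry that breaks one of the rules."""
    sites_by_password = defaultdict(list)
    for e in entries:
        sites_by_password[e["password"]].append(e["site"])

    findings = defaultdict(list)
    for e in entries:
        site, pw = e["site"], e["password"]
        others = sorted(s for s in sites_by_password[pw] if s != site)
        if others:
            findings[site].append("reused on " + ", ".join(others))
        if len(pw) < min_length:
            findings[site].append(f"shorter than {min_length} characters")
        if any(fact.lower() in pw.lower() for fact in personal_facts):
            findings[site].append("contains personal info")
    return dict(findings)


def exposure_if_breached(entries, breached_site):
    """Other sites that share the breached site's password."""
    pw = next(e["password"] for e in entries if e["site"] == breached_site)
    return sorted(e["site"] for e in entries
                  if e["password"] == pw and e["site"] != breached_site)


if __name__ == "__main__":
    for site, problems in audit(VAULT, PERSONAL_FACTS).items():
        print(f"{site}: " + "; ".join(problems))
    print("a breach at 'social' also exposes:",
          exposure_if_breached(VAULT, "social"))
```

If you run this against a real export from a password manager, keep the export on your own machine and delete it afterwards.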
Tip 2: Enable Multi-Factor Authentication (MFA) or Two-Factor Authentication (2FA)
I used to think, “My password is strong enough; why do I need two-factor authentication?” But then I learned the hard way that even the strongest passwords can be stolen.
That’s when MFA/2FA can become a lifesaver.
MFA (multi-factor authentication) or 2FA (two-factor authentication) adds an extra layer of security. Even if someone gets your password, they won’t be able to access your account without the second factor, like a code sent to your phone.
This is crucial for email, social media (including LinkedIn), and banking accounts, where account takeover can lead to disastrous consequences, from identity theft to financial loss.
Follow these guidelines to make MFA/2FA a habit:
– Enable it on any account that supports it (email, social media, banking).
– Use an app-based authenticator for added security rather than SMS-based 2FA.
– Keep backup codes in a safe place, in case you lose access to your MFA/2FA device.
Let’s say someone gets ahold of your email password. Without MFA/2FA, your account is at their mercy, giving them access to your other accounts through password recovery links. With it, they can’t get in without the second layer of verification.
Make this a daily habit: Any time you sign up for a new service, check if they offer MFA/2FA and turn it on immediately. Popular apps like Google Authenticator or Authy make this easy. For banking apps, some services like Chase or Bank of America also offer 2FA options.
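Authenticator apps such as the ones named above generate time-based one-time passwords (TOTP, RFC 6238). The following Python sketch is an added example, not part of the original post, showing how the app computes a code on the device from a shared secret and the clock, and how a service checks it, so nothing travels over SMS. The secret is the constructed RFC 6238 test key, and the drift window and replay check are assumptions about a typical service.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30  # seconds per code, the RFC 6238 default
# Constructed sample secret (the RFC 6238 test key), not a real account's.
SECRET = b"12345678901234567890"


def hotp(key, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key, at, digits=6):
    """RFC 6238: the counter is the number of STEP-second intervals since 1970."""
    return hotp(key, int(at) // STEP, digits)


def verify(key, submitted, at, window=1, last_used_step=-1):
    """Service-side check: tolerate +/- `window` steps of clock drift, compare
    in constant time, and refuse a step that was already used (replay).
    Returns the matched step number, or None if the code is rejected."""
    current = int(at) // STEP
    for step in range(current - window, current + window + 1):
        if step <= last_used_step:
            continue
        if hmac.compare_digest(hotp(key, step).encode(), submitted.encode()):
            return step
    return None


if __name__ == "__main__":
    now = time.time()
    # The base32 form is what the enrollment QR code hands to the app.
    print("enrollment key:", base64.b32encode(SECRET).decode())
    code = totp(SECRET, now)
    step = verify(SECRET, code, now)
    print("code", code, "accepted at step", step)
    replay = verify(SECRET, code, now, last_used_step=step)
    print("same code replayed:", "accepted" if replay is not None else "rejected")
```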
Tip 3: Monitor Your Accounts Regularly
Here’s how this tip will help you: Regularly monitoring your accounts means you can spot suspicious activity before things spiral out of control.
A common mistake people make is assuming everything is fine because they haven’t noticed any problems. But hackers often wait months before using stolen details, especially when it comes to email, social media, and banking. This delay can leave you in the dark while your information is being misused.
Here’s a 3-step solution:
1. Check your account activity often. Look for any unfamiliar logins or transactions in your email, social media, and banking apps.
2. Set up alerts. Many services, especially banking apps, allow you to get notifications when unusual activity occurs.
3. Check your credit report. This can help you spot unauthorized accounts opened in your name, a common result of account takeovers.
If you’re worried about time, remember: It only takes a few minutes to check your accounts, but it could save you years of frustration dealing with identity theft. For extra security, sign up for monitoring services like Credit Karma to help you keep an eye on your accounts.
To protect your accounts from takeovers:
1. Use strong, unique passwords and regularly update your iCloud and cloud service passwords.
2. Enable two-factor authentication for email, social media (including LinkedIn), and banking accounts.
3. Monitor your accounts regularly to spot suspicious activity early.
This may feel like a lot of work, and at first, it can be. But once you create a plan and start your security journey, these simple steps can save you from the nightmare of account takeover.
Get started, even if it’s two hours a month. Remember, your security is in your hands.
Stay Safe,
Chris