By Matthew Mohan
After the recent Yahoo hack went public, it left many people bewildered as to whether their account information was safe or compromised. Many users believed that a quick change of their password would fix that issue. But was that enough? What should someone do to protect their information? Just to make this clear, this article is not just for Yahoo users but for anyone who uses their e-mail or logs into different websites with a username and password on a day-to-day basis.
Before we begin, it should be stated that the Yahoo hack was not actually recent at all.
This hack was an ongoing security breach which was affecting users since 2013, but was not announced by Yahoo until late 2016. This hack occurred as a result of an unidentified third party using Yahoo’s proprietary codes to create cookies that allowed authentication and access to users’ accounts. This hack affected over a billion users, which happened to be twice as much as the last biggest hack. Names, telephone numbers, dates of birth, passwords and even some security questions were compromised in this hacking.
Knowing this, the first thing users should do is change their password at least every six months. When changing a password, try to avoid predictable patterns such as incrementing the last number or adding or deleting a character. For example, “peach1” to “peach2” or “peach***” to “peach**”. Also, try to use a mixture between capitalized letters, lowercase letters, numbers, symbols and special characters. So instead of using “squash123,” try using “$qU@Sh!276”. These may be complicated at first but it will be far more difficult for hackers or onlookers to decrypt your password if you use this approach.
There are additional ways to properly secure your email or login by using a two-step verification method, which requires, perhaps, a cell phone number or a fingerprint along with the password in order to gain access to your account.
Secondly, there are security questions. Many people overlook them since they appear to be useless. What you may not know is that if I knew your security questions and answers, I could access your account without even needing your password. Security questions don’t need to be changed as often as passwords do but they need to be properly kept so that if a hacker were to intrude into your account and change your password then you would be able to retrieve your information.
With security questions, try to avoid the obvious ones like “what city were you born in?” or “what secondary school did you attend?” The answers to these questions can be easily found on your mailing address, other emails, or on social media networks. Instead try something that couldn’t be easily found online like “who was your first childhood friend?”
Third, avoid entering your email address on websites you don’t trust, since many of them may be hacked or baiting websites. Some of these websites are put in place in order to get your information to sell to third party accounts which could result in an increased amount of spam in your inbox, or worse, stolen information. Many of these websites can be identified by a slight variation in the URL: eg www.starrcomputerssss.com instead of www.starrcomputers.com. So it is always important to double check the website you are on.
Another way to identify a secure website is to look to the left of the URL and see if there is a lock icon. This means that while on that particular website you will have a secure connection and your information will be private. If you are still unsure with the website you are on but don’t want to leave as yet, enter false information, though this is not recommended as the right thing to do. The preferred approach is to exit that website completely.
There are additional ways that a person can be further secured. Those mentioned in this article are the most basic and easy methods. It should be borne in mind that as technology advances more cyber criminals will emerge and the incidence of hacking is likely to increase.
Matthew Mohan is a student of Florida International University