If you could only protect one online service from a guaranteed hacking attack, you should choose your primary email account.
Your email account is the most important account you own online. Everything from Facebook to your bank relies on the security of your email account.
When you need to verify your identity online, you use your email account. When you need to change your password, you get a change notification in your email account.
With all that being said, our email accounts are surprisingly insecure. Today, I’m going to explain why that’s a bad thing – and how you can fix it:
4) Set up two-step verification
Most modern email providers offer two-step verification. Two-step verification is by far the most effective way to safeguard your email account.
Gmail and Outlook both support two-step verification. On Outlook, mobile users can download an app called the Microsoft Account app (called the “Authenticator” app on Windows Phone). Every time you sign in to your email account, Microsoft sends a code via SMS to your phone. Or, if you have the app, you’ll instantly receive a code in that app.
Every time you log into a new device with your 2SV authentication code, you can choose to “trust” that device so it won’t ask you for any more codes in the future. That way, you just need to enter your password.
Many people think 2SV is a big pain in the butt. But it’s not: it takes two minutes to set up and another 10 seconds to verify every device you own. Once you’ve done that, you’ve made your email accounts infinitely more secure.
3) Customize your security and privacy settings
Every email service has a “security and privacy” settings section. Unfortunately, 85% of email users never even access this section.
Here are some of the useful settings you can access by navigating to “security and privacy” on Gmail, Outlook, and other email services:
-“Recent activity” that shows you the sign-in locations and machine info over the past few days. You can see when somebody has entered an incorrect password, for example, or when a security challenge has been issued.
-“Related accounts”, where you can see the apps and services which can access your email account
-“Block profile picture”, which prevents people from automatically seeing your profile picture attached to some emails
-“Block contacts”, which lets you prevent incoming messages from certain blacklisted contacts
-“Auto forwarding details”. If someone gained access to your email account, they may have set up an auto-forwarder which automatically redirects all emails to their inbox.
And much more. These security settings can vastly improve your overall online security while limiting your exposure to threats and malware.
2) Clean up old content
Back in the early 2000s, email inboxes had extremely limited space. It was a big deal when Hotmail had 50MB of free storage space. When Gmail was first released (on invite-only beta) in 2004, it had a whopping 1GB of free storage space. It blew people’s minds. Everybody wanted an invitation.
All of this new storage space caused us to forget our old habits of deleting sensitive emails. I don’t know about you, but if someone gained access to my email account right now, they’d be able to see everything from recent flights to gift receipts for Christmas presents.
Delete old emails with personally sensitive information. Or, better yet, download them and save them in an encrypted file.
That way, if your email account is ever compromised, you can limit the amount of information that gets leaked.
I’m going to go delete some old emails now.
1) Make your email account password unique from every other password online
In a perfect security world, we would have different complex passwords for every online service we use. Unfortunately, we don’t live in a perfect world, and most of us use the exact same password for every online account.
If you’re one of those people, then I’m not mad at you (I’m just disappointed). But if you’re going to make one password unique, make it your email password.
If every account you own has the same password of “Cat1234”, then maybe consider switching your email account to “Spiderman12345678”. Or better yet, choose a password that isn’t stupid.
Why would you have unique passwords for your email accounts? Well, that way, if someone guesses or cracks your password on an insecure website, then that individual won’t be able to access every other account you own.
Think of all the websites where you’ve registered by entering your email address. Do you think every one of those websites employs a top-notch IT security team? Probably not. One leak will send your email address and password combination plummeting into a hacker’s hard drive.
Obviously, most of us don’t want to remember 300 different passwords. So if you could only protect one of your online accounts using a really good password, please make it your email account. You’ll thank me if your password ever gets leaked (and it will get leaked if it’s as dumb as “Cat1234”).