Has Yahoo notified that your email has registered logins from locations/companies you don’t recognize? Has any of your account info been changed without permission? Are your contacts complaining that they’ve been receiving spam from your account? No doubt, these are tell-tale signs that your email’s security has been breached and you could be among the 500 million user accounts affected by a massive Yahoo hack.
As it turns out, one of our biggest fears just came true: the tech firm recently confirmed that a massive breach of its database occurred back in 2014. According to reports, the Yahoo hack allegedly stole account information such as emails, names, telephone numbers, passwords, and even answers to security questions.
What should you do if you suspect yourself to be a victim of this Yahoo hack?
Update your password ASAP
At the moment, Yahoo has been telling anyone who hasn’t changed their password since 2014 to start updating. This precautionary measure is in your best interest so you really don’t have any other option but to listen. Best practice shows that you should change your passwords every six months from now on.
Check for suspicious activity
First, look for anything suspicious within your account, such as outgoing emails you didn’t make, spammy messages in your inbox, and any odd logins in your account’s recent activities.
As you go through your messages, be extra cautious about clicking links or downloading attachments from unknown email addresses. If some seemingly legitimate organization is asking for any account information (especially your account’s password), disregard them completely.
Strengthen your password
By all means, avoid using the likes of “12345” or “password” for your password. Forget about using any personal details like birth date and names, too.
Ideally, your password should be a mix of letters, numbers, and characters. That, or you could be using a phrase made up of words and numbers that make little sense.
Change your security questions, too
Security questions are often used as an alternative way to access your own account in case you forget your password. Unfortunately, the answers to these questions were among the info stolen during the massive Yahoo breach. While the company did disable any unencrypted security answers in all of its users’ accounts, you should still update this information immediately.
A word of advice: try not to use the same security questions and answers for any other online accounts you have. In the light of the recent data breach, malicious parties may already be working at obtaining access to any accounts linked to your Yahoo mail.
Avoid using the same password for different accounts
If you have been using the same email password for most, if not all, your online accounts (e.g. social media accounts, other emails, administrator logins, etc.), it may be high time to mix things up a bit. Remember that once hackers get access to any one of your accounts like your Yahoo mail, they can attempt to use similar credentials to access your other accounts.
Always keep this in mind every time you sign up for any website going forward: Never use the same password twice.
Make password managers your new best friend
Because strong and unique passwords are often a hassle to memorize, password managers can do the work for you.
Some free platforms like LastPass 4.0 and LogMeOnce not only store every password and security answers for all your accounts, they also automatically generate new passwords for you. They even create reports on how strong your current passwords are and provide necessary recommendations to improve them. With such handy websites at your disposal, you may only need to remember just one master password.
Fortify against a future Yahoo hack with two-factor authentication
Relying solely on a strong password may no longer suffice in protecting your accounts. For better security, add a secondary authentication like confirmation of a code sent over SMS or generated by an app.
Yahoo is encouraging all of its users to turn on its two-factor authentication tool, Yahoo Account Key. Each time you attempt to access your account, Yahoo will send a confirmation code to your cell phone. This tool is clearly an easy authentication process that eliminates the need to remember your complex password.
To activate this security measure, simply log in to your account via the Yahoo app or your web browser, go to your profile, and then select Account Key. It’s a breeze to set up from there.