Keeping accounts safe and managing passwords can sometimes seem overwhelming. Here are a few tips for online account maintenance & security.
Account recovery, and proper recovery options, are very important to ensure users will not be locked out of their accounts.
Setting Up Accounts
For all accounts it is important to use correct information. Using your real name, birthday, and other information is vital for maintaining the account, and recovering it if needed. If you choose to make information up, be sure to write it down along with the password. You may be required to verify this in the future.
Whenever a phone number is required, it is important to use a cell phone number. When a cell phone number is verified, it will usually be the main key for getting back into the account. Do not use a landline phone number. There is no texting capability with landlines, so no recovery code can be sent.
The second best recovery option is to add an email address. Make sure that access to this backup email address remains viable for it to be used as a recovery option.
It is always good to have multiple recovery options. Both cell phone and email can usually be added and then either can be used to reset a password.
Maintaining Multiple Accounts
In the modern age of computing users will end up having dozens, maybe even hundreds of accounts.
To expect to remember every password is unrealistic, especially if the passwords are complex as required for security.
It is important to use tools to manage the usernames and passwords of these accounts.
Some common tools to do this are:
- Browser based password managers
- Device based password managers
- Online password managers
- Word documents, spreadsheets, or phone notes
- Old fashioned pen and paper
Computer users should use at least one of these methods to neatly store the usernames and passwords for their accounts.
Understanding Account Importance
It is important to differentiate the importance of your accounts in order to keep the most valuable ones the safest.
A user’s main email address, which is used to reset passwords for all of their other accounts, is far more important than their account with Panera Bread.
Another example is that the user’s bank account information is more important than their account with Netflix.
But all of these accounts, which include identifying information as well as payment information, might need to be more secure than your local library account.
Determining what information could be exposed helps you decide whether to use two-factor authentication.
Important accounts should all have different passwords that are complex. If one is compromised, then the others will still be safe.
Less important accounts can have passwords a little more lax. Some simple accounts can share the same password, although this is never recommended.
If a company has a data breach and exposes client’s user names and passwords, the thieves will use this combination at all different websites. If the user name and password combination has been reused by you, the thief can gain access to any account where you used it. This is why reuse is discouraged,
The most important account is email, which is tied to resetting passwords at all of the other accounts. If this email account is compromised, all of the other account’s passwords can be reset.
If access to this email account is lost, it is also possible that it will be very difficult to reset passwords for the other accounts tied to it.
Setting up the proper recovery steps for that email, and all subsequent accounts, is required.
Keeping Accounts Secure
To keep accounts as secure as they can be, follow these measures.
Use 2FA or two-factor authentication. The first factor is the password itself. The 2nd factor requires confirmation from either a phone number, alternate email, or alternate device just to log into the account. The additional factors have to be set up ahead of time.
This means even if someone has the password to an account, they can not get into it unless they have access to the other factors.
With that being the case, phone number/device based 2FA is typically the most secure as it requires the physical phone/device itself.
Keeping the computer free of viruses and malware is also very important to keeping accounts secure. The main computer operating system have reasonable security features built in. It is up to the user to be careful about the links they click on and the website they visit.
Keeping passwords as private as possible is also important. Beyond trusted individuals, never give out a password.
No company should ever ask for the account password, and companies will never send an email requesting it.
Beware of Phishing scams through email and on fake websites. Always be sure of a website’s authenticity before entering any sensitive information.
For an in depth view of security options, check out 12 Simple Things You Can Do from PCMag.
Additionally, If you have specific questions about account maintenance & security, or if our terminology isn’t clear, please use our contact form to send us a message. Thank you!