The problem with a hacked email account is the domino effect. All registrations, purchases, renewals, transactions, password reminders etc. are sent to your email inbox. So once the first domino falls, the entire setup falls apart in one fell swoop. After the jump, we’ve rounded up a few tips that can help you secure your email accounts of popular webmail services.
Use a Strong PasswordYes, I know this is what every other tech blogger says every single time. But that has never made people any wiser. Even hackers feel insulted when they come across passwords like “sweetlove123”, “pass@123” and the like. Google is the best when it comes to putting real effort into securing your email account proactively. You can use special characters, numbers, upper and lower case alphabets of almost any length. My Gmail password is between 60 to 80 characters long and my general rule of thumb is to have a password that only the NSA can hack.
Use a reliable Secondary Email AddressAbsolutely no Hotmail accounts for secondary fallback email account people. They still have their stone age era email account expiry plan after certain number days of non usage. So if the secondary email address is Hotmail and is expired, anyone create it back again to receive password reset information. And since webmail providers have this peculiar habit of giving all kinds of hints to remind you of the email address where the password recovery link has been sent, use an uncommon, custom domain or corporate email address that is hard to guess and hack into.
Setup SMS AlertsGo to your account settings and add your mobile number to receive SMS alerts. Once that’s set up, Google will send you the password reset code whenever somebody tries to reset your password. Alternatively, if you are a smartphone user, you can rely on these SMS alerts and disable password recovery via email altogether. Email accounts are always vulnerable to a hacker from a remote place but your mobile phone is not. Yahoo provides the same feature free too. Hotmail has a similar feature but is not supported in a lot of countries.
Be sensible with your security questionOk. There’s absolutely no point in having the security question, “My favorite doggy”, and posting pics of you and your poodle with images titled “Rolling with Rosy” on Facebook and Twitter. A lot of personal information is available online, thanks to social networks. On being the weakest links in the email security chain, security questions rank ahead of weak passwords. It’s nice to be an open book but select a question from those stapled pages and blacked out lines.
Check Filters and Forwarding AddressesIn the event of a hack and after reclaiming the account, go through the existing filters to check if there are some sneaky filters set up that forward all your credit card, login info, bank account and other sensitive correspondence to an email address that is not yours. Go to the forwarding page and see that all your incoming mails are not forwarded to the hacker either. This helps you avoid getting hacked in the future too.
Avoid Public WiFiHappy to have discovered an unsecured WiFi hotspot? Or mooching your neighbour’s spilt WiFi? Enjoying the free WiFi of the coffee shop round the corner? Good for you and so is for the hacker sitting nearby to sniff the packets right out of thin air. Avoid using public WiFi for accessing email or transacting online with a credit card. Casual browsing and YouTube watching (without logging in) are Ok. Accessing emails is a big no, no.
Do not share your login informationAnother obvious fact. But at times, it’s necessary for small businesses and online entrepreneurs to share login information with colleagues. For example, accessing Google AdSense, Analytics or Microsoft Live services etc. The ideal solution is to create a dedicated account for accessing these services instead of linking everything to your personal email id and sharing it.
Login regularlyEven if a hacker gets hold of the answer to your security question, they cannot use it immediately to reset the password and break into your Gmail account. Password reset with security question is possible only after 24 hours of your account being inactive after receiving the password reset instructions. So for once, checking your mail regularly is a good thing. Also, it will help reset the Hotmail account’s expiry date. Unfortunately Hotmail and Yahoo do not have this useful restriction in place.
GmailEnable HTTPS by default from your account settings. This helps from the password getting sniffed when transmitted over public WiFi hot spots. If you are a Google Apps user, enable pre release features to avail the upcoming two factor authentication system before it launches.
HotmailUse the Windows Live Essentials package and verify the computer you are using as reliable. “Trusted PC” is a unique new proof that lets you link your Hotmail account with one or more of your personal computers. Then, if you ever need to regain control of your account by resetting your password, you simply have to use the trusted computer and Hotmail will know you are the legitimate owner. It’s a great feature for those who are really paranoid about email security.
YahooMake use of the sign in seal option to verify the computer. Sign in seal is basically an image or color that Yahoo displays for each of your computers adding another layer of security to the login process.
Avoid WebmailStill not sure about the safety and security of your email account online? It is totally understandable and I suggest you to take it off the Internet. I mean, partially. Get hold of an ISP and get a POP or IMAP account set up for your email address forgoing the webmail set up. Then use desktop email clients like Outlook or Thunderbird to pull your mails. It will make you feel dated, but is reliable and works effectively too.
Did we miss an important tip or got a better suggestion? Share it with the rest of community in the comments section.