The hacks keep getting bigger. Half a billion Yahoo user accounts were reported as stolen in late September, and the company said it suspected a state-sponsored actor. The information included names, email addresses, telephone numbers and dates of birth but not payment card or bank data, Yahoo said. Earlier in the year, more than 360 million older accounts on the Myspace social network—long eclipsed by Facebook—were reported as compromised. That followed news in May that a 2012 hack of LinkedIn had been far larger than first estimated, exposing more than 100 million passwords. That haul of data apparently included a password used by Facebook chief executive Mark Zuckerberg, whose Twitter and Pinterest accounts were hijacked.
If even the head of the social media behemoth can be hacked, what can ordinary people do? Zuckerberg made the same mistake many people do—using the same password for different sites, widely reported as “dadada.” With that humbling lesson in mind, you should make sure you don’t reuse passwords across multiple sites and that you use strong passwords. Those should include numbers and symbols and even whole sentences to at least make it more challenging for the hackers. You might consider two-factor authentication, which usually involves a site texting you an access code when you try to log in. You then enter the additional code to access the site. Hackers, presumably, won’t have your phone with them. And be mindful of the privacy settings on your social media accounts.
When you move to stronger, more complex passwords for different sites, you’ll need some way to remember them all. Instead of taping the list to your computer, you might consider a variety of password manager apps. Some popular apps remain 1Password, Dashlane, LastPass and SplashID. But there are a lot of other choices. You might consider Keeper, a password manager and digital vault, mSecure Password Manager, eWallet to keep passwords and other data secure, OneSafe or Roboform. Most of the apps are available for free, but you will have to pay for more functionality.