The easy trick that helps make your accounts more secure
Many online accounts and services now offer two-factor authentication(2FA). If you see a message about setting up 2FA, it’s an offer you shouldn’t refuse, even after you’ve strengthened your passwords (see this article about making passwords stronger).
Put simply, 2FA means that in addition to entering your password, a second verification is required for you to log in. You will usually be sent a code by text or email, which you’ll have to manually enter on the site. So even if someone has your stolen password, they can’t get into your account without that code.
One more point about 2FA: If given the choice, use an authentication app to get the code. Sounds complicated, but it’s just an app that sits in your phone and generates the 2FA code that would otherwise be texted or emailed. This reduces the possibility of hackers intercepting a text or email on its way to you.
How Your Password Gets Stolen
What you should do : Never give out personal information by email, voice or text. If the appeal does seem real, get in touch with the company directly using contact information from the back of your credit card, or go to the website yourself instead of clicking the link in the email.
What you should do : Immediately change the password for your account with that company. If you’ve been using the same or similar passwords for other sites, change those as well.
What you should do : First, set up your computer and phone so each requires a password or fingerprint login to turn back on if they’ve gone into sleep mode. Don’t store passwords in a document on your computer. And be sure to turn off auto-fill on your password manager and browser.