Since the election I’ve had the news on constantly (I can’t help myself, and I really never followed politics before). Every day I am bombarded with the words “Russian Hacking”; the whole thing is enough to drive a person insane. Today, as the news is literally talking about WikiLeaks and Russian hacking, my 17-year-old daughter FaceTimes to say her Instagram account was hacked.
Suddenly the dark underbelly of the internet, the naughty, evil and very naked side you are constantly trying to protect them from, is now being broadcast from her account to about 800 followers – school friends, younger cousins, parents, teachers, potential college recruiters – the distress is real!
She was smart enough to immediately try to change her password – but they were smarter and had already changed it. It ended in ***.ru. I shook my fist at the TV. There was no way to recover the account now.
We reported the account to Instagram, who messaged back within 30 minutes that they deleted the account. That was reassuring; I was not expecting that kind of turnaround.
She’s back up on a new account minutes later of course, and we made sure to talk about password protocols, which I thought would make for a GREAT blog post today.
People, CHANGE YOUR PASSWORDS.
- Obviously, never share your password. Why would you do that? That’s dumb. Don’t post it on a post-it note on your screen (aha, caught you, didn’t I!)
- ALWAYS use a combination of symbols, capital letters and numbers.
- Make the password at least 8 characters long. Make it as long as you can remember: the longer it is, the harder it is to crack.
- Don’t just use one universal password for everything. If you’re desperate, try using clever combinations of a short phrase. An example, #H4wa1i_2o16! – you can interchange characters with numbers and vice versa, so you can use the same phrase but create variants.
- If a social media account was hacked, change the associated email account’s password too – you might find that it has been compromised as well.
- Create a separate social media email account using Gmail or another provider – for God’s sake don’t use the same email accounts for your banking that you use for your social media and other random things. If you’re really ambitious, create one for each social media account so you can limit the damage should it get hacked.
- Use an encrypted password vault or manager to help manage them if needed, like LastPass.
- If you have the option to have multi-factor authentication – do it!
- Don’t open emails from senders you don’t recognize, and if you do, for God’s sake don’t click on whatever “urgent” attachment they’ve attached. Delete immediately!
- Don’t respond to “phishing” emails!! Be very careful before clicking on a link (even if it appears to be from a legitimate site) asking you to log in, change your password or provide any other personal information. If it seems legit, log in to the site WITHOUT clicking on the link – if they are requiring your attention, or a password change, they’ll let you know there – NEVER CLICK THE LINKS FROM YOUR EMAIL.
- Secure all of your mobile devices!! Use the pin, password or fingerprint option.
Go. Do it now. Change your password.