10 Things You Can Start Doing Today to Lock-Down and Secure Your Online Accounts!

After getting hit with yet another phishing email this morning and having received several password reset emails in the last week that I didn’t ask for, I figured it was a good time to go over some of the things you can do to secure your online accounts and ensure that you don’t fall victim to hacking and account takeovers. Keeping your online accounts secure is a crucial way to protect your privacy and personal information while preventing unauthorized access to financial or personal data. Here are ten things you can start doing today to help secure your online experience:

1. Use strong, unique passwords

You should always avoid using common or easily guessable passwords. While it can be a pain to create complex passwords that include a combination of letters (upper and lower case), numbers, and symbols, much less remember them, your browser can help!

For instance, I use Chrome across all of my devices, no matter the platform; creating hard-to-crack passwords through Chrome is almost always an option when there’s a new password field offered on a site, and Chrome will remember them for me and make them accessible across all of my devices without me having to write anything down. Just about every browser offers this option, whether you are on Safari, Edge, or something else.

2. Enable two-factor authentication (2FA) on all apps that allow it

2FA adds an extra layer of security by requiring you to provide a second form of verification, such as a temporary code sent to your phone or email, in addition to you entering your password. While having 2FA sent to your phone can be problematic since there are crooks out there spoofing cellular numbers, it’s still better than nothing.

You can also look into using a Multi-Factor Authentication (MFA) app like Google Authenticator or Microsoft Authenticator. You can also check into the LastPass Authenticator, which plays nicely with LastPass if you’ve got that installed already.

3. Regularly update your passwords

It might seem obvious, but changing your passwords periodically greatly reduces the risk of your accounts being compromised, especially on the ones that don’t offer 2FA or MFA. It’s recommended that you update them at least every few months, but definitely whenever there’s a potential security breach.

Again, if you’ve been using the same login password for years, it’s time to go through them all and make some updates! This is a tedious process, but it is one you can do with the help of your password manager or through your browser.

Chrome offers a handy password checker tool for each account that can be accessed from the menu tab/Settings/Autofill and Passwords/Password Manager. Every browser that saves passwords will offer something similar.

To find out if your account is one that’s been compromised, you can sign up at Have I Been Pwned; they’ll send you an email every time your registered emails or phone numbers are found on the dark web or in known security breaches.

4. Beware of phishing attempts

Be cautious of suspicious emails, messages, or websites that aim to trick you into revealing your login credentials. Always verify the authenticity of the source before providing any sensitive information.

On a personal note, I had a friend who lost a substantial amount of money because they Googled the name of the service they wanted to sign into instead of going to that site directly. At the top of the Google search, marked as Sponsored, there was a site that appeared to be the one they were looking for, but it actually wasn’t. They had no idea they weren’t on the correct site; they entered their sign-in info, and their account was emptied. Learn from their mistake!

5. Use a reputable password manager

Consider using a password manager to generate, store, and manage your passwords securely; these tools encrypt your passwords and help you remember unique ones for each account.

I’ve already mentioned LastPass, but even older password managers like eWallet, which I have been using since I was on a Palm PDA (!!), offer the option to generate impossibly long passwords and keep them safely for you, uploading your database to DropBox and Google Drive so you can easily connect to them and access your passwords across all of your devices.

When Chrome can’t automatically offer me a safe password (rarely, but it happens!), I use eWallet to generate one, and then I know it’s saved both on Chrome and in my eWallet app.

6. Keep your software up to date

I know it’s a pain, but regularly updating your operating system, web browsers, and other software will ensure you have the latest security patches. Outdated software can have vulnerabilities that hackers will exploit; don’t give them the chance — just update your apps every time there’s a new version!

7. Be mindful of public Wi-Fi

You should avoid accessing sensitive accounts or transmitting confidential information when connected to public Wi-Fi networks. If you’re in a hotel or on a plane, or you’re not on an unlimited data plan and must use public Wi-Fi, consider using a virtual private network (VPN) for added encryption.

I get this service as part of my Google One plan, which offers VPN for multiple devices while also backing up my photos, files, and devices; unlocks access to Google experts; gives me more Google Photos editing features like Magic Eraser (even on my iPhone!); gives me 10% back in the Google Store; monitors the dark web; upgrades me and those I’ve added to my plan to Google Workspace premium, and allows me to share my plan with up to 5 others. Google One Plans start at 2TB for $99.99 per year.

Another option is Nord VPN, which offers secure, high-speed VPN, Malware protection, a tracker and ad blocker, a cross-platform password manager, a data breach scanner, 1 TB of cloud storage, next-generation file encryption, and a personal data removal tool. NordVPN starts at $18.68 monthly, but there are substantial savings if you go for a yearly or multi-year plan.

8. Review your account activity regularly

You should also periodically check your account activity to identify suspicious logins or unauthorized access. Many online platforms offer activity logs or email notifications for this purpose; for instance, if you have a Google account, the security settings can be found here.

Not only can you check recent sign-ins there, but you can also upgrade the way you sign into Google with 2FA and passkeys, see all the devices that are currently signed into your Google account, see third-party access to your account, and more.

9. Enable account recovery options

Set up account recovery options, such as alternative email addresses or phone numbers; this will help you regain access to your account if you ever forget your password or get locked out.

Years ago, I had a friend who was locked out of their Apple account because they hadn’t set account recovery options up and they didn’t have 2FA, and there was literally no way for them to get back into it without starting over with a new Apple ID. Such a headache!

10. Regularly review privacy and security settings:

Once you’ve familiarized yourself with the privacy and security settings of your online accounts and adjusted them according to your preferences, it’s important to keep yourself informed about any changes or updates made by the service provider.

When you get an email saying that you were part of a breach, immediately go in and update your password with something strong; even when that hasn’t happened, it’s a good idea to remember number 3 and Regularly update your passwords!

It may seem like getting all of this done will be a pain, but implementing these measures collectively will secure your online accounts, and it’s never been more important to remain vigilant and proactive in protecting your digital presence!

As an Amazon Associate, we earn from qualifying purchases. If you are shopping on Amazon anyway, buying from our links gives Gear Diary a small commission.

About the Author

Judie Lipsett Stanford
Judie is the co-owner and Editor-in-Chief of Gear Diary, which she founded in September 2006. She started in 1999 writing software reviews at the now-defunct smaller.com; from mid-2000 through 2006, she wrote hardware reviews for and co-edited at The Gadgeteer. A recipient of the Sigma Kappa Colby Award for Technology, Judie is best known for her device-agnostic approach, deep-dive reviews, and enjoyment of exploring the latest tech, gadgets, and gear.