Three Essential Steps to Make Yourself More Hack-Proof

(Josh Valcarel/WIRED)

Look, there’s no hiding from being hacked. Everything is vulnerable, and if you haven’t been personally affected by a data breach yet, you will. But while you can’t ever protect yourself 100 percent from malicious data theft, you can at least put a better lock on your door than the one your neighbor has. These three simple tips will go a long way toward helping you avoid having a hacker rifling through your files.

Read: What’s Inside Sriracha That Makes It So Delicious?

1. Don’t Reuse Passwords

If they get you, this is how you’ll get got. Password reuse is a huge problem. That’s because when one service has a breach (say, LinkedIn or Adobe), people rush to try the exposed passwords on other sites—especially email, social media, and banking. If you use the same password multiple places, it makes you only as secure as the most vulnerable target. The same thing goes for your clever password schemes, too. If a human being can’t figure out the slight variations you’ve set up to track your Gmail, Facebook, and Wells Fargo passwords, a machine will.

2. Set Up Two-Factor Authentication

Look, I know two-factor authentication sounds a little scary. It even sounds a little scary when you call it two-step authentication. I know. But basically, it just means that when someone tries to log into an account from a new location (a different computer, a different phone, whatever) they also have to enter a code that’s sent to a trusted device. This usually means that you’ll get some sort of text message with a six-digit number you have to enter if you want to, say, log into Facebook from a computer in the library (bad idea!) or reset the password on your Google account. The thing you should know about two-factor is that once you have it set up, which is typically an easy process, you’ll rarely have to actually use it. It’s mostly a set it and forget it operation.

If your bank, or email provider, or online data storage provider doesn’t offer two factor, find a different one that does.

3. Use a Password Manager

A good password manager will help you create and manage strong passwords that you can use to log in from the Web or your mobile device. All you’ll ever need to know is the master password. The rest of your passwords are encrypted, and can only be unlocked by that master password. You can use a password manager to both generate and track new passwords, and to perform a password audit of your existing ones. Dashlane, 1Password and LastPass are all great options.

You’ve been warned.