The recent stories about celebs naked iCloud photos being leaked to the world has been a bit of a wake up call for some when it comes to online security. The Fappening, as it’s known by those who leaked the photos on popular website Reddit, showed how easy it was to trick people into parting with their passwords and usernames for pretty much any service when a fake landing page is used. If you use the same password and username for multiple sites, you might give people access to your paypal account, Amazon or anything.
There are things you can do to make a lot of your online accounts safer. I’ve written about how to spot scam emails before but everyone has an off day and is entirely capable of clicking something without thinking about it, so there are other things you can do. If you use the Google ecosystem, which obviously includes Gmail, you can set up what’s called 2 step verification.
2 step verification breaks your devices down into 2 categories- trusted and untrusted. You have the decision on what to make trusted, and what to leave untrusted. A trusted device might be something like your smartphone or your home PC, an untrusted device might be a work computer that others have access to or a friends computer.
On all devices, you have to go through a verification process for the device the first time you log in from it after you’ve turned 2 step verification on. This involves a 6 digit code being texted to you which you have to enter to proceed with the login. At login you’re given the choice of trusting the device, which means you won’t have to do the 2nd step with the text message again. If you don’t choose to trust the device, you will have to do the second step with a new 6 digit code every time you log in. If you lose your phone, don’t worry, you can still log in to your account on a trusted device and simply change the mobile number.
Even if you choose to not set up two step verification, it’s worth noting there are some other security features that Google has. You can go to your Google account settings and click Security to view all the settings but the one I’d highlight is the recent activity tab. Click on this and it will show you where your account has been accessed from recently. For me it’s 90% St Albans as I live here but if somewhere you know you’ve not been to appears, you’re account may have been compromised. You can even set up Google to text or email you when it detects what it considers to be a suspicious log in attempt. When I logged in via the wifi in the cottage we stayed in on holiday, I was asked to confirm who I was as I hadn’t logged in from that location before. Just make sure you have a recovery mobile phone and email account set up.