Unhackable: How To Control Email & Password Technology
This week, international best-selling author and Westwood, MA resident George Mansour is back to help readers become “ Unhackable” by protecting their email addresses and passwords. You register for sites (including the Westwood Patch) using your email and a password, but how do you do it safely?
Mansour suggests people have three email addresses: an old one, a new one, and a backup one. The “old” email is one used for things like online shopping. The “new” email is one only given to very important people in your life, and important things like banking. The “backup” email is the one you give to sites as a backup in case you need it to recover an account.
“Most people don’t understand that while it seems like little things, when you aggregate and analyze all of the small things, they would be shocked at the amount of privacy they are losing without knowing it,” says Mansour. Using the example of passwords for websites, he says “Passwords are not sufficient on their own.”
HaveIBeenPwned is a great website to start tightening the security on your digital life. By entering an email, you can see if any data connected to that email was revealed in a breach. I found that my email has been a part of breaches including a gmail-based one in 2014, one with Linkedin in 2016, and one with Canva. Canva is a graphic design site I use mainly for making graphics for Have A Hart Day. I made the mistake of using the password I use when I am being lazy, which is now in the hands of the person who committed the breach.
“Don’t freak out, this is a wakeup call,” advises Mansour of this situation. He recommends not using a program or browser to remember your passwords. Mansour recommends using a site such as How Secure Is My Password to design a strong password, and a password organizer that can be kept on one’s person. “And if you ever lose it, it won’t make sense to anyone else but you. For example, you can encrypt it in real-time by decoding the words so that only you would understand like one of the beginning letters like O for Bank of America for your account bank name, then only show half of the username you use without anything after the @ or an avatar name that only you would understand that doesn’t link back to who you are or identifies you at all, and a strong password.”
For websites that seek an email address that you don’t want to give one of the three emails, such as for a survey, Mansour recommends a disposable email address. Disposable email addresses are available at TenMinuteEmail, Throwaway Mail, mailinator, and TempEmailAddress. “Options like disposable email addresses help make technology enjoyable again,” he notes.
Keep an eye out for phishing emails in your inbox. If you get an email from an email claiming to be from a site you use often, but it seems abnormal, PhishTank is a great place to test valid links.
I received an email from “Apple Support” in my inbox for my “old” email last week telling me my Apple ID had been locked. It began with the red flag of the actual email address being a long string of letters and numbers not from apple.com, so I was confident it was fake. I checked a link found in it in PhishTank, but they did not have the link on file. Entering the link in URLRevealer informed me the link led to me to a site which was not Apple.com.
Originally published at https://patch.com on May 28, 2020.