The Office of Pieter Pelgrims

Protect Ya Neck

The Mat Honan hacking (2012) popped into my head some time ago. I became quite paranoid after reading that article, and I wrote down some measures I took.

Spam

I used to attend a class about marketing. I can’t recall exactly what it was about, but the professor used to tell us a story about how he always wrote one small mistake in his home address when he handed it out to a company. That way he could keep track of who was selling his personal information.

I’m not sure if you’re familiar with two hidden ways to get more from your Gmail address, but we can use this to do the same thing my teacher used to do.
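The address-tagging trick described above, as an added example that is not part of the original post: it hands each site its own plus-tagged Gmail address and later attributes incoming mail to the site whose tag leaked. The function names, the sample mailbox and the `.example` sender domains are assumptions constructed for illustration.

```python
import re

GMAIL_DOMAINS = {"gmail.com", "googlemail.com"}

def tagged_address(base, site):
    """Build the address to hand to one site: user+site-tag@domain."""
    local, _, domain = base.partition("@")
    tag = re.sub(r"[^a-z0-9]+", "-", site.lower()).strip("-")
    if not (local and domain and tag):
        raise ValueError("need user@domain and a non-empty site name")
    return f"{local}+{tag}@{domain}"

def split_tag(recipient):
    """Return (canonical mailbox, tag or None) for a recipient address.
    Gmail ignores dots in the local part and everything after '+'."""
    local, _, domain = recipient.strip().lower().partition("@")
    local, _, tag = local.partition("+")
    if domain in GMAIL_DOMAINS:
        local = local.replace(".", "")
    return f"{local}@{domain}", tag or None

def find_leaks(messages, issued):
    """messages: (recipient, sender_domain) pairs taken from received mail.
    issued: tag -> domain the tagged address was given to.
    Returns tag -> set of sender domains that should not know that tag."""
    leaks = {}
    for recipient, sender in messages:
        _, tag = split_tag(recipient)
        expected = issued.get(tag)
        if expected is None:
            continue  # untagged or unknown tag: a sender can strip '+tag'
        sender = sender.lower()
        if sender != expected and not sender.endswith("." + expected):
            leaks.setdefault(tag, set()).add(sender)
    return leaks

# Constructed sample data, not real mail.
ISSUED = {"jobsite": "jobsite.example", "shop": "shop.example"}
MESSAGES = [
    ("example.user+jobsite@gmail.com", "mail.jobsite.example"),  # expected
    ("exampleuser+jobsite@gmail.com", "cheap-pills.example"),    # leaked tag
    ("example.user+shop@gmail.com", "shop.example"),             # expected
    ("example.user@gmail.com", "unknown.example"),               # no tag
]

if __name__ == "__main__":
    print(tagged_address("example.user@gmail.com", "Local Job Site"))
    print(find_leaks(MESSAGES, ISSUED))
```

A tag only proves a leak when it arrives intact; mail sent to the bare address, with the tag removed, cannot be attributed this way.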

Data Breaches

This doesn’t happen every other week, but it does get some media attention from time to time. Recently I got an email from a local job site requesting me to change my password: I’m not saying they had a data breach but I am thinking it.

On Have I Been Pwned? you can discover whether your data was breached or not. I think it goes without saying that using the same email/password combination for a lot of web sites is just plain stupid.

Keeping that in mind and seeing the most common passwords 2016 list, it’s probably a good idea to start using a service like 1Password. For me it’s worth the money: they have mobile apps as well as desktop apps, and browser plugins.

Two Step/Factor/Way Authentication

This is an extra measure of protection: aside from your password, you need to provide a code that was sent to your phone to log in. It’s free and I highly recommend it.

These services make use of this idea:

I’m sure there’s more but these are quite popular.

In conclusion

I’d recommend enabling two step/factor/way authentication anywhere possible, combined with the power of the plus sign in Gmail email addresses, and a unique, randomly generated password from a service like 1Password. My recovery email address is usually from another service than the one I’m using.

These are a couple of free email services you could use. I’d recommend Gmail, but you might hold something against Google.

And of course this:

Update (2017-06-16)

This was an article that got featured on HN recently: Hackers Are Hijacking Phone Numbers And Breaking Into Email, Bank Accounts: How To Protect Yourself

Update (2017-07-06)

I guess I want you to see the whole picture and make up your own mind. This was featured on HN as well: Why traditional password managers are flawed

Update (2017-07-14)

Twitter user @j4cob makes a strong case to use a password manager: How Not To Get Phished.

Update (2017-09-13)

Where are the flaws in two-factor authentication?