Passwords and Security for your phone.
I was watching a YouTube video recently where the presenter mentioned that someone had acquired a copy of his phone sim code and then got into his social media profile. Not sure how, I thought the sim card only contained contacts, not the actual phone content. It got me thinking though, and I thought I would share this.
I pondered the question, how easy would it be for someone who simply stole my phone to access my data?
Most phone apps don’t require logging in unless you make a point of always logging out when you close down. Some apps simply don’t have a log out option.
If someone can access your email, then they can simply ask for a password reset for most important sites.
Two tier access is great but it is not helpful if thieves have the phone.
Whilst a pin lock on the phone is a pain, I feel it is a good idea. However, I guess it can eventually be broken.
Therefore, to be on the safe side I decided to try and work out how I could overcome most security issues and this is what I came up with.
- A VPN helps deter trying to steal data from external sources as it turns your data stream into gobblygook. So great to stop external probes.
- When using your email address to log into sites, join newsletters and downloads use one that you do not have an app for on your phone. Use the web option for this email so that if people have your email, they cannot easily log in. I have one gmail account that I only use on my phone and nowhere else.
- Set up an email address on a platform that is only used for important accounts with very secure systems such as banking. This email address can be used an an alternative address to reset passwords on major sites but not given out to log in. The access again, should only be online. I have used yahoo for this.
- Have a different password for each of your email accounts and don’t use these anywhere else on the web.
- If you have a modern PC, your outlook password will be the same as your computer login, so don’t use it anywhere else.
- Have a password that relates to your financial accounts and vary one or two letters so that each is very slightly different but the base is the same.
- Make your passwords 10-12 characters long. Include numbers, small and capital letters and at least one non-alpha numerical character.
- When storing passwords and usernames in your diary at home, use a code to determine the secret. For example the code cat could be your code for an old pet Fluffy.
- Use a password for your social media accounts that varies by one letter so slightly different for each and again, not used anywhere else.
- Set up a password for general important sites. This could be membership sites, where they are likely to have some safeguards against hackers.
- Set up a password for everything else. This should be used for sites that even if someone obtained access, no harm could be done.
- As google uses your gmail account for Google plus and You Tube, it is recommended that you use another provider for the email address you use for everyday and forward it to your gmail account.
Once I worked out my passwords, I starting going through all my favourites changing the recovery email where possible and updating the log in password. Some usernames cannot be changed, so in future when choosing a username think carefully about security as well. I will continue to go through all sites I regularly use and then those in my ‘black book’.
Google has smart lock within google account which you can use to store non-critical usernames and passwords. Last pass also is a free online tool, however I have found it needs a little more setting up as it does not always record your password changes. I like that google auto sign can be turned off.
A big job, but I feel it is a necessary one. Any other tips you feel would be helpful to secure your data?