Secure Critical Accounts (email, financial, cloud, social...)
Why
Critical accounts are those that, if compromised, could lead to significant personal, financial, or professional damage. These typically include email (especially if used for account recovery), financial accounts, and primary social media profiles. Securing these accounts is vital to protect your digital identity, finances, and personal information from unauthorized access and potential misuse.
Action
Identify your critical accounts:
- Primary email accounts
- Banking and financial services
- Main social media profiles
- Cloud storage services
- Work-related accounts
For each critical account:
- Create a unique, strong password:
- Use your password manager to generate a password of at least 16 characters
- Include a mix of uppercase, lowercase, numbers, and symbols
- Enable two-factor authentication (2FA):
- Prefer app-based authenticators (e.g., Google Authenticator, Authy) over SMS
- Use physical security keys for highest security when available
- Review and update recovery methods:
- Set up multiple recovery email addresses and trusted phone numbers
- 2FA Backup Codes: When enabling 2FA, most services provide one-time backup codes. Crucially, print these codes and store them in a very secure physical location (e.g., a fireproof document bag or safe, separate from your primary devices). Also, consider storing a digital copy securely in your password manager if it supports it, but the physical copy is key for device loss scenarios
- Store any other account-specific recovery codes (e.g., for password manager itself) with the same level of security
- Verify and update contact information:
- Ensure email, physical addresses and phone numbers are current
- Remove any old or unused contact methods
- Check for any linked accounts or authorized apps and remove unnecessary access
- Review security questions and answers:
- Use random, false answers stored in your password manager for higher security
- These security question answers are often public or easy to find information
- Enable login alerts if available, to be notified of any new device logins
- Create a unique, strong password:
Remember
Your critical accounts are the keys to your digital kingdom - securing them with unique passwords, 2FA, and printed backup codes is your first and most important line of defense against digital threats.