Account security - Why you shouldn't use your phone number as an account recovery method.
Hi all, just wanted to share some quick tips on account recovery.
- Remove your phone numbers from services like Gmail, Facebook, and other services. This is a bad practice implemented by popular services. The idea is that they send you a SMS text with a special code to gain access to your account. While useful, there is a problem with this. It is very easy to redirect your phone number to another device without your knowledge! I don't mean the goverment, it's actually a serious problem not many people are aware of. Hackers can use your own service provider against you. They don't even need a rogue cell tower to redirect your cellphone traffic (But this is also possible). Just read this article about a woman who got seriously hurt because a regular person conviced her phone company to redirect her # somewhere else.
How I was hacked, extorted, sexually harassed, and what you can do to protect yourself
Use 2 factor authentication on services. This is a great way to control access to the services you use. Enabling this will allow you to allow or deny every login attempt. This also requires a separate device such as your phone, but it is worth the trouble, because you don't need to panic whenever your password got leaked, brute-forced, or even getting guessed. However, don't use SMS as a 2 factor authentication method if you can help it. Reason is, hackers can exploit your service provider as they did in the article above.
Use password managers: Lastpass, keyrings, and Keepassx are great. Use them! Only need to know 1 password then and some of them support awesome features.
Use hardware keys, these are usb keys that allow you to login to anything by plugging them into your computer. They are much safer than passwords because keyloggers are useless now.
Setup a second email account for just account recovery!
Install adblockers, these will prevent a lot of viruses representing themselves as ads and will make your life easier.
I think these are some good tips to follow. I might update this post if I think of new stuff. Comment if you have any other helpful tips or have stories you may wanna share with us!
Bye!
Nice post. Also install EAL(https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn) or use MetaMask if you are a ETH user. Too many phishing sites, MEW imposters.
Congratulations @tech.ninja! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
You got your First payout
Award for the total payout received
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOP