If you use Yahoo Mail or any of its services, you need to do this now
Yahoo confirms of a massive data breach that affects at least 500 million user accounts
After Yahoo confirmed on Thursday of a massive data breach that affected at least 500 million user accounts, Yahoo users need to act now.
According to a long investigation, leaked account information may have included names, email addresses, dates of birth, telephone numbers, hashed password, encrypted or unencrypted security questions and answers. If your password was not leaked, it doesn't mean you shouldn't change it.
Potentially affected users are likely to be notified by Yahoo. However, it is advisable for all Yahoo users to take the following steps for added security.
Update your Yahoo accounts
This goes without saying, affected users need to update their accounts. Yahoo has invalidated unencrypted security questions of those users it believes have been affected, but everyone should go and change their password, especially if it hasn't been updated since 2014.
Yahoo says at least 500m accounts hacked in 2014
Change passwords, security questions that match your Yahoo's passwords and security questions
People tend to keep the same password and security questions for multiple accounts/services. If you are one of them, take this opportunity to do what you should have done a long time ago — go to those accounts and change passwords and security questions. Try not keeping similar passwords for multiple devices as it’s a hackers’ lottery if they find a user with similar passwords.
Use password manager
Using a similar password is often convenient for most users as keeping track of differing passwords can be difficult at times. To help solve this problem, you can use password management systems like LastPass, 1Password or Dashlane.
These password managers require users to have one master password which it then encrypts and stores passwords for all other sites and services.
Enable two-step authentication
Two-step authentication is one of the simplest ways to provide an additional level of security. After you enable the two-step verification, you would receive a string of numbers on your phone via text message or voice call that you would need to enter before logging in.
Although the context of this story is related to the massive Yahoo breach but you should enable two-step authentication for all your accounts to prevent your accounts from being compromised.
Use Yahoo Account Key
For Yahoo in particular, you can use its own service called Account Key. This service eliminates the need to store a password, instead users receive a notification on their smartphone to which they need to tap in order to sign in.
Yahoo appears near deal to sell core assets
You can enable Account key here.
Stop using Yahoo
Last but not the least, it’s advisable to simply switching to other email services. The hack is over — well, it was actually done back in 2014 —and it has given us an opportunity to reconsider our email preferences. Gmail and Outlook are some of the better alternatives available out there.
This article originally appeared on Mashable.
According to a long investigation, leaked account information may have included names, email addresses, dates of birth, telephone numbers, hashed password, encrypted or unencrypted security questions and answers. If your password was not leaked, it doesn't mean you shouldn't change it.
Potentially affected users are likely to be notified by Yahoo. However, it is advisable for all Yahoo users to take the following steps for added security.
Update your Yahoo accounts
This goes without saying, affected users need to update their accounts. Yahoo has invalidated unencrypted security questions of those users it believes have been affected, but everyone should go and change their password, especially if it hasn't been updated since 2014.
Yahoo says at least 500m accounts hacked in 2014
Change passwords, security questions that match your Yahoo's passwords and security questions
People tend to keep the same password and security questions for multiple accounts/services. If you are one of them, take this opportunity to do what you should have done a long time ago — go to those accounts and change passwords and security questions. Try not keeping similar passwords for multiple devices as it’s a hackers’ lottery if they find a user with similar passwords.
Use password manager
Using a similar password is often convenient for most users as keeping track of differing passwords can be difficult at times. To help solve this problem, you can use password management systems like LastPass, 1Password or Dashlane.
These password managers require users to have one master password which it then encrypts and stores passwords for all other sites and services.
Enable two-step authentication
Two-step authentication is one of the simplest ways to provide an additional level of security. After you enable the two-step verification, you would receive a string of numbers on your phone via text message or voice call that you would need to enter before logging in.
Although the context of this story is related to the massive Yahoo breach but you should enable two-step authentication for all your accounts to prevent your accounts from being compromised.
Use Yahoo Account Key
For Yahoo in particular, you can use its own service called Account Key. This service eliminates the need to store a password, instead users receive a notification on their smartphone to which they need to tap in order to sign in.
Yahoo appears near deal to sell core assets
You can enable Account key here.
Stop using Yahoo
Last but not the least, it’s advisable to simply switching to other email services. The hack is over — well, it was actually done back in 2014 —and it has given us an opportunity to reconsider our email preferences. Gmail and Outlook are some of the better alternatives available out there.
This article originally appeared on Mashable.