How to Handle People Trying to Access My Online Accounts E.g. Getting Email Verifications from Companies

Not sure if anyone else has been experiencing something similar but lately I've been receiving a lot of emails from Spotify, Blizzard and EA saying that I requested a change of password/need my email to be verified.

I went through and changed my passwords after Google said my accounts were a part of a breach (thanks Shopback) but obviously I still have people trying to access my accounts. Anyone have previous experience or any advice to make sure no one can steal my shit?

Cheers

Comments

  • +4

    2 factor authentication login wherever you can and to log in to your email account as well.

    • +1

      2FA yes and a password manager. Bitwarden is free but the paid ones are well worth it.

  • +1

    ^ This, and as much as it is a PITA, use at least a few different passwords across your accounts. That way if you do get compromised, they won't be able to access everything.

    • Using a password manager with different passwords for every site is better

  • +1

    Get a custom domain name for about $10 a year with privacy protection and a cheap email host that will forward all emails to your primary email address. For example, [email protected] gets automatically forwarded to [email protected]. Set up new email addresses for all your logins you care about, maybe adding on additional randomness to make it even harder to guess; [email protected].

    Use a password manager like 1Password or Bitwarden or others to create difficult passwords that you can't remember and save the login details for you. That way you only need to remember/write down somewhere random one master password.

  • +4

    Just change the email address on each account completely. Gmail has good functionality to do this.

    [email protected]
    [email protected]
    [email protected]

    https://gmail.googleblog.com/2008/03/2-hidden-ways-to-get-mo…
    Append a plus ("+") sign and any combination of words or numbers after your email address. For example, if your name was [email protected], you could send mail to [email protected] or [email protected].

    • I tried this when signing up to Woolworths Rewards recently as I didn’t want to have to create yet another email address. Their system had no problem with me typing in my main Gmail address, but as soon as I added the + and additional letters, it rejected it as an invalid email, and wouldn’t recognise it.

      I tried sending emails to the + address from my work email etc, and they came through to my Gmail inbox without any issues, so the + thing does work! Will have to try it again when signing up for something else.

  • +1

    Well, I guess you already figured it out after the Shopback data breach - don't reuse passwords and make sure they are strong.

  • +2
    • Enable 2FA (Use an authenticator app rather than SMS code if possible, as the former is more secure).
      • I would recommend Microsoft Authenticator or Authy, instead of Google Authenticator. The latter doesn't have the ability to back up codes (unless something has changed recently)
    • Don't re-use passwords (use a password manager to keep track of them)
    • Choose strong passwords, and be aware of what constitutes a strong password - you may be surprised. See here:
      https://imgs.xkcd.com/comics/password_strength.png
  • +1

    Use 2FA when available and a password manager. Never use the same password for different logins. Choose a strong password with a combination of lower and upper case, numbers and symbols.
