By Mark Struczewski on Fri, 12/20/2013
It seems that almost every day we read a story about a company getting hacked. There's no doubt that hackers have been very busy lately. But there is no need to live in fear. There are things you can do to protect your privacy at home and on your iDevice.
While this list is far from being exhaustive, I give you three ways that you can protect yourself from hackers, those who steal your phone, and yourself (as in when you lose it).
Keep it locked
When you are away from home, you should keep your iDevice locked. It's very important to do this because chances are really good that you stay logged into all your social media profiles. If you were to lose your iDevice (whether you left it somewhere or it was stolen), the person who has it would have access to all of your signed-in accounts. Apple gives you two options (three with the 5s) to lock your iDevice:
- 4 digit PIN
- TouchID (5s only)
You can access these settings under Settings > General.
Can these be cracked? Yes. But they give you time to go to a computer (or to another iDevice you own), log in to your Apple ID, and disable your missing iDevice via Find My iDevice.
Enable Two-step verification
Two-step verification makes you virtually unhackable. Now, I hope it goes without saying (but I'll say it anyway): If you have two-step verification enabled but you leave your iDevice unlocked and it is lost or stolen, you are not protected.
What two-step verification does is requires you to have three items in order to access your accounts:
- your username
- your password
- your smart phone
When you log in to a profile with two-step verification enabled for the first time from a new computer or browser, you will receive a text message with a six-digit code that you will need to access your profile/account. For some accounts (such as Google) when you log in on your desktop computer, you will not have to re-enter the six-digit code for 30 days.
Two-step verification prevents someone who stole your username and password by hacking a company from accessing your account because they still need to have access to your smart phone.
An exhaustive explanation of two-step verification is beyond the scope of this blog post. I encourage you to look it up and give serious consideration to adding it. It's tedious to set up, but the protection it offers is worth it.
Some places hat offering two-step verification now include Google/Gmail, LastPass, Apple, Facebook, Twitter, Dropbox, Evernote, PayPal, Microsoft, Yahoo, and LinkedIn. More websites are adding two-step verification all the time.
I hope I don't need to tell you that "password1234" or your name or your last name and the four digit month/date of your birthday are NOT good passwords.
Complex passwords are much harder to crack. What is a complex password? It has at least eight characters (the more the better), upper and lower cases letters, numbers and special characters. I use LastPass (the desktop version is free, the mobile version is $12 annually) to create my complex passwords. And your LastPass master password must be complex as well (otherwise, your other passwords are not secure). I only have three passwords memorized: my LastPass password, my Apple ID, and my bank password. LastPass remembers the others for me.
Important note about passwords and your social media profiles: do not have the same password for more than one account. Your Facebook password should be different than your Twitter password which should be different than your Google+ password, etc.
I have given you three ways to keep your iDevices safe: lock your iDevice when away from home, enable two-step verification, and use complex passwords. What other ways do you have?