help! I’ve been hacked

The recent news that Yahoo! had as many as a billion user accounts compromised makes headlines, but more attacks on web security and privacy are inevitable.

Here’s a few steps to take:

And to add to the pain, apparently Yahoo! users also may have had their security Q&A compromised. Here’s a pretty good roundup of concerns and solutions for those folks.

For Gmail users:

For Facebook users:

Some general tips:

  • Don’t use the same login / password /security questions for every account. It’s best if you use a different password for every account, but you should at least have separate identities for any sites you use for business, banking, health, employment and so on.
  • Don’t save your credit card information online. It’s an extra step when you buy something, but it’s one thing less to worry about if a site you use gets hacked.
  • Do use two-step authentication. That’s the annoying extra step of connecting your account to a second device, like a cell phone. You won’t find it so annoying if it keeps your information secure.

On library computers, please help us keep you secure. We have two pieces of software to keep you secure, but a little common sense from you can help that software do its job:

  • Ensure there are no “keep me logged in” or “remember me” boxes checked before you sign into a site.
  • If you need to download files to print (or for any other reason), delete the files before you log out.
  • Log out of all websites before closing your browser. And log out of the PC before you walk away.
  • Close all windows, then double-click the little white rectangle top dead center on your screen and use the “End session” button. That deletes any temporary files running in the background when you log out.
  • DO NOT exit by pushing the power button. That can look like an accidental crash to a program that will then try to restore your work. It’s the worst possible way to log out.
  • For more security, start your searches at a browser that does not track you, like DuckDuckGo.