The Associated Press Twitter breach shows that no one is immune from being a target for hackers and phishers looking to wreak havoc. While a compromised account may not necessarily cause the same scale of damage, it’s important to secure your online accounts to prevent hackers from gaining unauthorized access. While this may not prevent being hacked entirely, these steps can help mitigate the damage caused by a security breach.

1. Choose a strong password

This cannot be said enough. Choosing a password with at least eight characters using numbers and special characters can go far to keep hackers from brute forcing or guessing your password. Or if you’re looking for something that you can remember while still secure, you can consider the XKCD method of using four random common words.

2. Using Two-Factor Authentication

Two-factor authentication works under the principle of using something you know and something you have to verify your identity. While not all online services have this feature implemented, major services such as Google and Facebook offer two-factor authentication. How it works: Whenever you login to your account online, it will also ask for a code from your authenticator, a device or smartphone app which generates a code; this code and your password allows you to access your account while verifying your identity.

3.Browse using HTTPS

When you surf the web, the information you send and receive is typically sent unencrypted. Google and Facebook have options to allow you to browse their sites using HTTPS, a more secure protocol than HTTP. For the more paranoid, “The Electronic Frontier Foundation,” has a browser plug-in called HTTPS Everywhere that tries to use HTTPS with every website you connect to.

Padlock
Browsing the web using HTTPS can help keep your accounts secure. Reuters

4. Ensure that you’re logging on to the real site

On all modern browsers, a padlock will show on the top or bottom of the browser to indicate that you’re securely connected to the site. But also check the address bar to make sure you’re at the site you think you’re at. Phishing works by tricking a user into typing their login information into a page that appears to be their normal login page, be it a bank or email account. Always check the email address of any email with links or requesting information to protect yourself as well.

SSL Certificate
Always makes sure the site you're visiting is actually the one you wanted to go to. Illustration: Luke Villapaz

5. Log Out

This is getting harder and harder to do as we continue to become ever more connected to the Internet via our smartphones. While logging out may not stop people from hacking our accounts across the globe, it could make the difference of a thief getting your smart phone vs. getting control of your entire Internet identity.

Mobile Phone
Mobile phones connect us to the world, but losing one could cause damage to your online accounts and online identity. Reuters

While you can’t secure yourself entirely, practicing these tips can help protect your accounts and your online identity.