You’ve heard all that Yahoo had a billion email accounts hacked recently. What do you do about your hacked Yahoo email account? How does this security threat affect you and your business? What can you do to secure your informaiton? Here are some ideas.
Even if you have an ancient Yahoo email account from a long time ago, it’s good to be proactive about resolving this situation. If you’re using Yahoo Mail today, it’s time to stop.
Hackers stole user data from more than one billion Yahoo accounts, the company confirmed Wednesday. Yahoo announced that an “unauthorized third party” hacked these accounts in August 2013 and is “likely distinct” from the hack the company disclosed back in September that affected 500 million accounts. That said, Yahoo believes the two separate hacks could have perpetrated by the same jerks.
The statement says that for “potentially affected accounts, the stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5, an old security technology) and, in some cases, encrypted or unencrypted security questions and answers.”
Unfortunately the data that was hacked includes passwords and password retrieval hints including things like your mother’s maiden name, if you had that as part of how you retrieve your password.
If you’re using Yahoo Mail for business, you’re not only endangering yourself with these repeated attacks on the service but also potentially harming your customers with these information breaches. And a significant breach could mean your customers come after you.
Many people also have insecure passwords that can be easily hacked. Again, your personal information is at stake. Whomever you’re corresponding with is also at risk through hacks of your account. It’s not pretty.
What Do I Do?
The most obvious thing is to dump Yahoo entirely. Today. They’ve repeatedly proven that their ability to secure your account is, at best, incompetent. So what’s the next step?
I recommend using a service to get what’s called an IMAP or Microsoft Exchange account. These types of accounts store your email on their servers. If you’re using a phone and a computer to read emails, this type of system will mark an email as read or deleted if you read or delete it on one device so you can check your email on your phone, for example, and then see that you’ve read it when you go back to your computer.
Companies like GoDaddy and hover.com as well as countless others offer this service. Honestly, I’ve had issues with Godaddy’s email system but Hover has worked great. With a Hover account, you can actually reserve a domain name of your choosing and have a slick email address such as firstname.lastname@example.org. That’s much better than telling the world you’re using Yahoo.
Of course Gmail is also an option and you may already have a Gmail account. Gmail has proven to be secure and free. The downside to Gmail is that you’re advertising Gmail instead of your own name. However Google also has a paid version of Gmail where you can use your own domain name while taking advantage of the features and security of Gmail.
When asked for things like my mother’s maiden name or my first pet’s name I actually don’t provide the real answer. There is no verification of this so I use things like made up names. Instead of my mother’s real maiden name, for example, I put nonsense. I use a separate password for every website and the passwords are purposely difficult to remember and not actual words, but mixtures of words, numbers and other characters.
Also, don’t use things about you that someone can guess. There’s a famous story of the celebrity who used her dog’s name as their master password and, of course, their dog’s name was common knowledge. It didn’t take much effort to get into their account and see all the pictures they didn’t want shared.
I also use a password manager tool to help me remember these passwords and, of course, it’s password protected. I can see the passwords on my computers as well as on my phone and my wife has the same access so if she needs to get into any of my accounts she can.
These Yahoo hacks have been a real challenge and don’t seem to be slowing down at all. Based on their weak security technology and the repeated hacks, it’s absolutely time to dump Yahoo. This can be an opportunity to get your own unique email address and a password management system.
Hover - domain registrar and email provider (this is an affiliate link)
How to switch from Yahoo to GMail