On Fri, Feb 22, 2019 at 2:42 AM Udhay Shankar N <[email protected]> wrote:
> On Fri, Feb 22, 2019 at 2:04 PM Udhay Shankar N <[email protected]> wrote: > > > > 1. Log out all gmail/facebook/other social sessions (Most providers give > > you the option to "log out all current sessions") > > 2. Change all the passwords of pwned email addresses > > 3. Enable 2FA EVERYWHERE that supports it. Ideally, with a hardware token > > such as a yubikey. > > > > Additionally, I'd also suggest you log in to your various (potentially) > compromised accounts, check under security setting to see if the backup > email address (where password reset notifications are sent) and backup > phone number have been tampered with. > In addition to all of those steps, I also recommend using unique passwords in all the sites. It is not going to be possible for you to remember that many unique passwords (especially if you choose strong passwords). I recommend you choose strong passwords that you memorize for one or two of your key accounts (Google, Facebook). And use a password management (I personally use keepass) to generate and store strong unique passwords for your other sites. Thaths > > -- > > ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com)) > -- Homer: Hey, what does this job pay? Carl: Nuthin'. Homer: D'oh! Carl: Unless you're crooked. Homer: Woo-hoo!
