How to protect yourself from hackers
1) Turn on two-factor authentication and your account will remain secure even if your password is hacked
Two-factor authentication is becoming standard for password security. With two-factor, a user enters their password, then goes through a second round of screening, usually by entering in a code they received in a text message. For the most part, this second step would stop most hackers in their tracks, since they’d have to steal your phone in order to proceed.You can usually find two-step authorisation in your account settings. It’s available on Facebook, Twitter, Gmail, Snapchat, and a ton of other services — just make sure you actually turn it on.
2) Use a password manager so you won’t have to remember each one
A password manager (such as LastPass or 1Password) can securely store all of your passwords for everything from your email to bank account in one spot, so you don’t need to remember each one. Instead of coming up with a strong password filled with various symbols and letters yourself, most password managers can generate very strong passwords for you, encrypt them, and keep it on file, so you don’t have to have them written down. Then, you only need to come up with one really strong master password.
3) Use passwords with at least 14 characters that can’t be found in the dictionary
The 25 worst passwords of 2015 include entries like “123456,” “football,” and “password,” and these can all be easily guessed by an attacker. And we’re not talking about a hacker typing in different passwords until they get it right; most have software that can guess hundreds and thousands of passwords a minute. So it’s best to use something much stronger. You should use a password with at least 14 characters which has a number of uppercase and lowercase letters, and symbols in it. A password like “SYjfinevowpa23ss” — that has no real meaning and plenty of symbols to throw off a hacker — is going to be a lot better to use. But even using a phrase, like “this password security thing works,” is going to be stronger than most. There’s also a problem for the user: Memorising that password full of hard-to-remember characters.
4) Be wary of emails asking you to do something, or phone calls about the security of your accounts
Around 91% of targeted cyber attacks begin with a “spear-phishing” email, a trick designed to get a specific person to click on a link, give up their password, or download malware. These types of emails are designed to look like the real thing, and are really hard to judge at first glance. A scammer might email saying your PayPal account has been hacked, and you need to update your password. But once you click the link, you are actually giving them your password, not changing it. The key is to make sure you are on a legitimate page like paypal.com, and not a scam site with an address like www.paypalsecurity.xyz. The same goes for suspicious phone calls. Hackers often use “social engineering” to convince a person to help them. So it’s important to remain skeptical of calls from people claiming to be customer service representatives, since most companies don’t call out, and almost all will never ask for passwords.
(Thank you to Business Insider for the info!)