How to protect your online accounts — a guide for regular people (not techies)

State-sponsored theft

You’ve probably already been hacked

Your turn: look up your email on Have I Been Pwned

  1. Point your browser to
  2. Enter your email address
  3. Cringe

Wait, is this site sketchy?

But who cares if hackers see my photos


So what should you do?

Unique and strong

  • Unique: different password for each site.
  • Strong: hard for a hacker to guess.
  • Every: do this diligently for every site.

Write it down

Max out the length

Use copy/paste

Use the keyboard

Windows:

  • Select all: ctrl-a
  • Copy: ctrl-c
  • Paste: ctrl-v

Mac:

  • Select all: command-a
  • Copy: command-c
  • Paste: command-v

Nerd alert; feel free to skip

Easy to type

Reduce Apple iCloud risk

Use text messages in addition to passwords

Don’t remember

Use FaceID to log into apps

  • WhatsApp
  • PayPal
  • Amazon
  • Dropbox
  • Hilton
  • United
  • JetBlue
  • Verizon
  • Notability
  • Evernote
  • Apple App Store
  • Apple Wallet
  • 1Password
  • Google Authenticator
  • Google Chrome

Store your passwords

Secure your password store

Your master passphrase should focus on one concept

Use Spotlight when typing out your master passphrase

Don’t get locked out of your password store

Stay organized

Secure, unique phone PIN

Secure, unique laptop password

Extra credit: password manager

Extra credit: Google Authenticator

How to use Google Authenticator to secure your Gmail

Note to techies




Occasional thoughts on tech, sailing, and San Francisco

Al Sargent
