10 Tips for Securing Your Online Accounts

11 min read

Here we provide some easy and pro tips on how to protect yourself while using the internet.

It is crucial to take precautions in the modern digital world to safeguard your online accounts and defend against hackers. It's essential to be aware of the risks and take precautions to protect yourself given the rise in cyberattacks. Here are some recommendations for securing and protecting your internet accounts from hackers.

1. Use Unique Emails for Sensitive Accounts#

Use a separate email account for sensitive or crucial communication. Avoid utilizing your personal email for business purposes. Use a separate device to access sensitive information or accounts.

Pro Tip: Privacy First Email Services#

Email services that prioritize user privacy may also offer additional privacy-protecting features, such as the ability to generate temporary email addresses or to use pseudonyms instead of actual names. Some email systems that prioritize privacy may also be open source, meaning the source code is publicly accessible and may be independently examined for security issues.

  • Apple iCloud temporary email alias is a supplementary email address associated with your iCloud account that can be used to send and receive emails. It is removable at any time.
  • Using DuckDuckGo, you may generate a private Duck address that gives an additional degree of anonymity by making it difficult for tracking businesses to identify you based on your email address.
  • ProtonMail supports end-to-end encryption and disposable email addresses.
  • Additionally, Hushmail includes end-to-end encryption and the ability to create disposable email addresses.
  • StartMail facilitates the sending of encrypted emails, as well as the creation of disposable email addresses and the use of pseudonyms in lieu of actual names.
  • Mailfence also provides end-to-end encryption, disposable email accounts, and digital signatures to authenticate the validity of emails.

2. Use Strong Passwords or Passphrases#

Using strong passwords is one of the most crucial things you can do to protect your online accounts. A strong password should be at least 16 characters long and include a mix of uppercase and lowercase letters, numbers, and symbols. Avoid using common terms or phrases since hackers can readily guess them. In addition, it is essential to establish unique passwords for each of your online accounts.

Pro Tip 1: Regularly Change Your Password#

As a precaution to safeguard your accounts and personal information, it is best recommended that you alter your passwords frequently. This is due to the fact that attackers often use automated tools to try to guess or break passwords, and changing your password periodically can assist you overcome them, as even if they are successful in acquiring your password, they would only have your outdated password, which is useless to them.

Pro Tip 2: Use Passphrases Instead of Password#

A passphrase is a lengthy, easily-remembered phrase used as a password. Passphrases are often substantially longer than passwords, making brute force and dictionary attacks less effective against them. Passphrases are frequently seen as more safe than passwords because they are typically longer and simpler to remember than passwords.

For example, a passphrase such as "correct horse battery staple" is more secure than a shorter password such as "h0rs3b4tt3ryst4pl3" because it is longer and contains a combination of words and spaces, making it more difficult for an attacker to guess.

It is essential, however, to select a passphrase that is unique and not easily guessed, and to avoid using common phrases or terms that may be found in a dictionary. To make the passphrase more secure, it is also advisable to include a few special characters and digits.

Overall, passphrases are a viable solution for securing accounts, particularly if you have difficulty remembering complex passwords. However, it is still essential to select strong, unique passphrases and to safeguard them in the same manner as a regular password.

3. Avoid Sharing Your Login Credentials with Anyone#

Sharing your login information with anyone can jeopardize the security of your accounts, therefore it's crucial to avoid doing so. If you give someone your login credentials, they might be able to access your accounts and possibly steal your personal data or do harm. You can help ensure that only you have access to your accounts and the information they hold by keeping your login information private.

Additionally, sharing your login credentials goes against the terms of service for many online services, and you may risk having your account suspended or terminated if you do so. Therefore, it's generally a good idea to keep your login information private and only share it with trusted individuals who need access to your accounts.

4. Use Password Manager#

A password manager is a toolkit that enables you to establish and store secure, unique passwords for all of your online accounts. Typically, these products include a password generator that may generate random, complicated passwords that are difficult for an attacker to guess or crack.

Once a strong password has been generated using a password manager, the tool will keep it in a secure, encrypted password vault. The password can then be retrieved by logging into the password manager with a master password or another form of authentication.

Using a password manager can be a secure and simple way to manage your online passwords, since it enables you to use strong, unique passwords for each account without having to remember them all. This can assist prevent the compromise of your accounts due to weak or overused passwords.

To protect your password vault, it is essential to utilize a reliable password manager and a strong, unique master password. You should also avoid revealing your master password with others and log out of the password manager when finished.

Pro Tip: Use an Offline Password Manager#

An offline password manager is a tool that enables you to store and manage your passwords locally, as opposed to in the cloud or on a server managed by the password management provider. If you are concerned about the security of your passwords and wish to store them on your own device, this feature can be handy.

To utilize an offline password manager, you must install the password manager program on your device and generate a master password or other authentication method to access your password vault. The password manager can then be used to generate and store secure, unique passwords for each of your online accounts.

A benefit of utilizing an offline password manager is that your credentials are saved locally, making them immune to online attacks and data breaches. However, it is essential to remember that your passwords will only be available from the device on which the password manager is installed; therefore, you will need to ensure that the device is safe and have a backup plan in case it is lost or stolen.

Overall, an offline password manager can be an excellent choice if you wish to save your credentials locally and are ready to assume additional responsibility for device security.

5. Enable 2 Factor Authentication#

When logging into an account, two-factor authentication (2FA) requires you to input a code given to your phone or email in addition to your password. This makes it significantly more difficult for hackers to access your account, as they would need both your password and the code provided to your phone or email. Enable biometric authentication on your device, such as fingerprint or facial recognition, if supported.

Pro Tip 1: Avoid SMS 2FA#

SMS 2FA is a typical kind of two-factor authentication that involves delivering a code through text message to a user's phone to validate their identity.

SMS based two-factor authentication can be an effective method of preventing illegal account access, but it is typically regarded as less secure than other forms of two-factor authentication. This is due to the fact that attackers can intercept or divert SMS messages, phone numbers can be spoofed or hacked, and SIM cards can be compromised.

It is often recommended to utilize more secure forms of 2FA, such as the Google Authenticator app or hardware security keys, which we shall explain in a moment, to protect against these types of assaults. These methods of two-factor authentication do not rely on SMS texts and are generally regarded as more secure.

If you are concerned about the security of your accounts, you may wish to disable SMS 2-factor authentication and use a more secure method of 2-factor authentication instead.

Pro Tip 2: Use a Hardware Security Key or Physical Token for Added Protection#

A hardware security key or physical token is a tiny device that can be used to add an extra layer of protection while accessing online accounts or services. Typically, these devices function by generating a one-time code or by offering a secure method of authenticating your identity via "public key cryptography."

In order to utilize a hardware security key or physical token, you must configure it with your online accounts or services. Typically, this includes plugging the key into a USB port on a computer or pairing it with a device via Bluetooth or NFC (near field communication). You can then use the key to provide additional authentication when accessing sensitive information or entering into your accounts.

Since hardware security keys and physical tokens are typically more secure than other two-factor authentication methods like SMS messages or software-based two factor authenticators, they can add an extra layer of security against illegal access to your accounts. Having these devices on hand and being able to access your accounts from any device makes them convenient to utilize.

6. Be Aware of Phishing Scams#

In order to deceive people into disclosing sensitive information like passwords, credit card numbers, or personal information, attackers send fake emails or messages that look to be from reliable sources. This practice is known as phishing. In order to fool consumers into entering their login credentials or other sensitive information, phishing schemes frequently employ fake websites or links that are created to look like they are associated with reputable businesses or organizations.

It's critical to recognize the warning signals of a phishing assault and take precautions to safeguard yourself in order to avoid falling victim to such attacks. Here are a few tips to help you avoid falling victim to a phishing scam:

  • Be wary of unsolicited emails or messages requesting personal information or login credentials.
  • Do not download attachments or click on links from unknown sources.
  • Be skeptical of emails or messages that contain threatening or urgent language, or that promise a sense of urgency or reward.
  • Before inputting your login credentials or personal information on a website, verify its URL. Authentic websites typically have a secure URL beginning with "https://" and a padlock icon.
  • Utilize a password manager. A password manager can automatically populate login forms with your saved username and password, decreasing the likelihood that you will fall victim to a phishing attempt by manually entering your login credentials on a fraudulent website.
  • Utilize anti-virus and anti-phishing software to protect against phishing attacks.

By being aware of phishing scams and taking precautions, you can prevent attackers from gaining access to your sensitive information.

7. Keep Your Software Up-To-Date#

Keeping your software up-to-date is a crucial security strategy that protects your devices and accounts from a variety of attacks. Typically, software updates contain patches for exploitable security flaws and other issues.

By installing software updates you can help safeguard your devices and accounts from known threats. This is particularly vital for essential systems and services, such as your operating system, antivirus software, and web browser.

You can protect your devices and accounts from known vulnerabilities and other security risks by installing updates as soon as they become available.

8. Don’t Use Public WiFI and Use a VPN#

Stay away from utilizing public WiFi networks that can access private data or accounts. When using a public WiFi network to access the internet, use a virtual private network (VPN).

A virtual private network (VPN) is a secure link that encrypts all data exchanged between two networks. Encryption makes it considerably more difficult for hackers to intercept any data transmitted across the connection. In addition, a VPN can shield you against fraudulent websites and other online dangers by concealing your IP address and location from prospective attackers. Avoid utilizing public or insecure networks and computers to access your accounts.

9. Basic Operating System Security (Disk Encryption, Firewall, and Antivirus)#


Enabling encryption on your operating system helps prevent unauthorized parties from accessing your data. Encryption is the process of encrypting data so that it may be viewed only by those who have the correct decryption key, password or passphrase.


The firewall manages incoming and outgoing network traffic based on predefined security rules. By preventing undesirable connections and monitoring network activity, a firewall can help protect your device or network from harmful traffic and attacks.


Anti-virus software, often known as anti-malware software, is a sort of security application meant to detect and eliminate malware from your system, such as viruses, worms, and Trojans. Antivirus software can prevent your device from becoming infected with malware, as well as scan and remove them as soon as they are detected.

Utilizing a firewall with anti-virus software can be an efficient method for defending your device and network from a variety of threats. Both of these tools must be kept up-to-date to guarantee that they can protect against the most recent threats. Additionally, you should utilize firewall and anti-virus software that is reputable and trustworthy, as some programs may not provide adequate security or include malware itself.

10. Monitor Your Accounts#

Use caution when sharing personal information online. It is essential to routinely monitor your online accounts for any unusual behavior, such as unauthorized logins or changes in account settings.


  • Enable privacy settings on your social media accounts to restrict access to your personal data.
  • Enable login notifications to receive notifications whenever someone logs into your account.
  • If you notice anything suspicious, immediately contact the service provider and change your password.
  • To be notified of any suspicious activity, enable security alerts and notifications on your accounts.
  • To track any suspicious activity, enable activity logging on your accounts.
  • Activate login authorization or approval on your accounts.