Secure Your Accounts
8 minute read
Protect yourself in 30 minutes. No technical knowledge required.
What you'll need: Your phone and access to your email
Step 1: Secure Your Email (10 minutes)
Why this matters: Your email is the master key to everything else. If someone gets into your email, they can reset passwords on all your other accounts.
Change your email password
- Go to your email provider’s security settings:
- Create a new password that is:
- At least 12 characters long
- Not used on any other website
- Not based on personal info (birthdays, pet names, etc.)
Easy method: Think of a sentence and use it as a password.
- “My daughter Sarah graduated in 2020!” → Great password
- “IlovemydogMax” → Okay but predictable
Turn on two-factor authentication (2FA)
Two-factor means even if someone gets your password, they still can’t log in without your phone.
How to enable:
- Gmail: Security → 2-Step Verification → Get started
- Outlook: Security → Advanced security options → Two-step verification
- Yahoo: Account security → Two-step verification
- Apple: Settings → [Your name] → Password & Security → Two-Factor Authentication
Choose “text message” or “authenticator app” when prompted. Text message is fine.
Check recent activity
Look for logins you don’t recognize:
- Gmail: Security → Your devices
- Outlook: Security → View my sign-in activity
- Yahoo: Recent activity
If you see unfamiliar locations or devices, change your password immediately.
Step 2: Check If Your Info Has Been Leaked (5 minutes)
Use Have I Been Pwned
- Go to haveibeenpwned.com
- Enter your email address
- It shows if your info appeared in known data breaches
If you show up in breaches:
- Change passwords on those specific sites
- If you used the same password elsewhere, change those too
- Don’t panic—most people show up. Just take action.
Step 3: Secure Your Important Accounts (10 minutes)
Focus on accounts that have:
- Your money: Bank, PayPal, Venmo, Cash App
- Your identity: Government sites, health insurance, tax software
- Your stuff: Amazon, Apple/Google account, streaming services
For each important account:
- Change to a unique password (different from all others)
- Turn on 2FA if the option exists (usually in Settings → Security)
Can’t remember all these passwords?
Use a password manager—it remembers them for you:
- Bitwarden — Free, works everywhere
- Apple Keychain — Built into iPhones/Macs
- Google Password Manager — Built into Chrome/Android
You just remember one master password, and it handles the rest.
Step 4: Quick Phone Security (5 minutes)
Set a strong screen lock
- Use 6-digit PIN minimum (not 1234 or your birthday)
- Or use face/fingerprint if available
Update your phone
- iPhone: Settings → General → Software Update
- Android: Settings → System → Software Update
Install any waiting updates. They often fix security holes.
Review app permissions
Check what apps have access to your location, camera, and contacts:
- iPhone: Settings → Privacy & Security
- Android: Settings → Privacy → Permission manager
Remove access from apps that don’t need it.
You Did It!
Your accounts are now much more secure than the average person’s.
Keep it going:
- Use unique passwords for every site
- Be suspicious of “verify your account” emails
- Keep your phone and apps updated
- Consider a password manager if you haven’t already