As long as it isn't, activate 2nd factor security to all (especially high value) accounts you have! Especially your password vault, your email-accounts (password-resets will go there ;-)) and your bank accounts. 2FA will make it hard for hackers, even if they get hold of your password.
What to do if your vault is somehow compromised and all your passwords are at risk and you need to change all your passwords? Since that could be a lot of work, you might want to prioritize and:
- Change your master/vault password (just so in case they decrypt your old one, they can't access new information)
- Change your most valued services first: email, bank etc
- Think about what services you use to log in to other services, like signing in to a website using your Google/Facebook/Microsoft/Twitter/Apple...-account > change the password of those 'super services'
- Check if your service offers the option to help with changing passwords: more and more services are starting to provide a service like that, like Google, LastPass etc (btw: see how usefull those services are? What if we would be signing in to all of our sites with just those services: on a breach, we would only need to change those passwords :-))
- Go through the list of accounts in your vault and check whether you maybe forgot some high value account ... While going through that list, maybe delete the accounts you know are really old (if you want, check if the account still works and delete it in the service)
- Change your most used services: many password managers show you when you last logged in to an account and you can sort your list on last used
- Review all your 'notes' and see if anything in there is also sensitive (challenge questions, backup codes etc)
- Change the rest
Geen opmerkingen:
Een reactie posten