How to protect your email account from Equifax hackers in 5 minutes

If the Equifax breach caused 143 million U.S. consumers to have their email credentials, Social Security numbers and birth dates, plus other personal information accessible to hackers, then that equates to roughly 55% of Americans age 18 or older who have been affected, according to an article in The Wall Street Journal.

The good news is that anyone over 18 should be able to protect their email account from Equifax hackers in 5 minutes.

If the Equifax hackers stole your email address and password, there’s a good chance it will be “for sale” on the dark web. That means your personally identifiable information is at risk of propagating out to legions of cybercriminals.

The first obvious thing to do — which you should do right now if you haven’t already — is change your password. But don’t stop there.

Next, turn on two-step verification (a.k.a. multi-factor authentication) in your email account. This post on CSO explains more on why and how to do it in 5 minutes.

In a nutshell, you’ll have a two-step process for logging into your email account. First, you’ll type in your login ID and password. Then you’ll need to type in a secret code that your email provider texts to your mobile phone each time you attempt to login.

This way, a hacker can’t access your email unless they have your phone. You’ve turned your phone into a physical key!

(You can configure two-step verification so that it recognizes the device you’re logging in from — i.e. your PC, Mac or laptop — and you won’t need the special code each time you log in, which would be a nuisance.)

Two-step verification is a basic and powerful feature in Gmail, Yahoo Mail, AOL Mail, and other popular email services.

Organizations should instruct all of their employees to turn on two-step verification in their personal email accounts. It’s also a good idea for corporate email accounts to require two-step verification. Some consumers may have shared their business email information with Equifax.

If you don’t turn on two-step verification in your email account, then you’ve got no one to blame but yourself when you get hacked — and there’s a good chance you will.

Or you can set it up so that when a cyber thief tries logging into your email account, they’ll be prompted for the secret code (which only you have on your phone).

Consumers are notoriously lax when it comes to cybersecurity. That bad habit needs to change today.

Email security resources:

• Gmail two-step verification: This 3-minute YouTube video from Google explains how Gmail and smartphone (iPhone, Android, Blackberry) users can turn on two-step verification. Or you can read this on the Google Support site.
• Yahoo Mail two-step verification: This post on the official Yahoo! Help site explains how Yahoo! Mail users can add two-step verification for extra security.
• AOL Mail two-step verification: AOL Help explains how to enable 2-Step-Verification in the AOL Desktop Software which includes AOL Mail.

Visit SteveOnCyber.com to read all of my blogs and articles covering cybersecurity.

Follow me on Twitter @CybersecuritySF, or connect with me on LinkedIn. Send story tips, feedback and suggestions to me here.