Yahoo has reported a massive data leak and it claims that it is a "state-sponsored" attack. This can become one of the worst data-leaks in the history of modern technology. According to the company's official statement, the leak can affect around 500 million subscribers all over the world.
The company has released emails to the accounts that are potentially under threat asking them to take certain actions to re-secure their profiles. Users who have received the mail should definitely take quick action but since the nature of the leak is still unclear, all users who either use Yahoo directly or have linked other accounts with a Yahoo email should take precautionary steps to deflect any probable hack.
Here are a few things you could do to keep your account secure:
Note: These suggestions can be used for most email providers
1. Log-in to your Yahoo account, you'll find a setting gear symbol at the top right of the page.
2. Scroll down to the pop-up and you'll find an option 'Account info', click on that.
3. The link will take you to Yahoo's Account info page which will have sub-sections on the left half of the screen.
4. Click on the sub-section 'Account-security'.
5. On the right side of the page you'll find a toggle for a two-step verification, turn that on.
6. You will get a prompt from Yahoo to send you a OTP (one time password) to the registered number
7. Once you verify your number the two-step verification will get activated
Disclaimer: The user will have to log-in using the two-steps every time they sign-in from that account. So, leaving the phone at home won't be an option.
Apart from this specific process, these are a few password-basics users should have in mind:
1. Try not to use your name or number as a password.
2. Always include special characters and numbers in your password.
3. Longer the password, safer your account. Use a minimum of 8 characters in your password.
4. Use different passwords for different accounts.
5. Try starting your password with a random special character, it reduces the chances of a hacker guessing it.