We are now connected more than ever. We communicate with friends and family through social media; handle banking transactions, shop and communicate with our friends and colleagues online; transfer confidential files and sensitive information via email; and more.

If you think about it, most of our online transactions begin with email – we’re always asked what our email address is as it serves as our most unique footprint online. This is how we connect across multiple applications and accounts that provide different services.

With all this communication happening online, we risk exposing ourselves by revealing information that could be used by scammers or identity thieves if they successfully penetrate our email.

Treating your email as if it was your bank account is the first step towards ensuring a more secure presence online. Because when it comes to safety, it’s better to take proactive measures before the inevitable happens.

Here are some steps you can take today to make your email accounts more secure:

Create a strong password.
Use a combination of letters in lower case and upper case, numbers and symbols – these are harder to crack. As much as possible, do not use words and parts of your real name in creating your password. Use a system to remember such as taking the first letter of every word in your favorite song title.

Use different passwords for different accounts.
Using just one password for all of your online accounts is a big no-no. Taking the extra step for safety is always the best way to go about matters especially when it comes to securing your online presence and information.

Log out.
Take the time to clear your browser cache! It may save you time to not have to type in your username every time you log in, but in case your mobile device or laptop gets stolen, you’d be glad you did! Proactivity is the best policy. Being a little paranoid about your online security doesn’t hurt.

Create your own security question.
A lot of e-mail providers ask security questions whose answers serve as the “open-sesame” to your account in case you forget your password. It’s always best practice to provide your own security question that you are sure only you can answer – one that cannot be traced back to your social media accounts or is easily accessible through third party sources. If a person is eager to get to your account by bypassing this security measure, you better make sure you give them no chance of actually getting it right.

58 Comments
  1. This is a very informative article. I always set my password to everything the same and I use uppercase and lowercase letters along with numbers and puncation marks. I normally change my password every two weeks to be more secure.

    • Changing your password every two weeks? Do you use a password manager at all? That’s a bit overkill for security IMO. Honestly, it’d be a hassle really. Having to re-login on mobile devices for all accounts, it would just get annoying.

      • I agree. That would definitely be a hassle. It would be so hard to keep track of all those passwords! Every 3 or 6 months sounds more reasonable.

        • Even three months seems like it passes quickly. I only change my passwords when I feel the need to. When I accidentally use the same password for a new account.

    • Every two weeks too early to change all your password, I suggest just be cautious with what you download and what website you surf on the web, also pay attention on phising emails.

    • Wow, I hardly ever change my passwords (confession time ;)). This article really is informative though, I have learned a lot by reading it. I think I’ll go change my passwords right now just to be safe. Haha

  2. Good advice. So much is stored in email these days. If one were to break into mine they could find all sorts of private info. Another good tips is to turn on two step authentication. If someone logs on from an unknown device, google will require me to verify via text that it’s me. Just another layer of security.

    • I didn’t even realize that you could two step verify your email. I had it on one of my video game accounts and it was awesome. Great to know that I can set my email up for that as well. Thanks for the tip.

    • Two-factor authentications is always a great way to secure your account, In fact many website are starting to implement this protocol

    • I really should set up two-factor authentication. The only problem is that because at my workplace, I don’t have that great of a signal and the Wi-Fi is locked down to workstations owned by the company. So signing into my email at work would be problematic for me.

  3. Love the idea of treating your email like you treat your bank account, as well as using different passwords for different accounts. I am guilty often of using the same password for my many accounts and there have been times when I have regretted it. Being hacked is not fun. Cannot emphasize enough how important this article is. Great post. Thank you.

    • Don’t worry, I think more than one person is guilty of doing that. To be honest I’ve done that in the past, and yes, I have gotten hacked! Fortunately I lost nothing, but that was a wake up call to be more careful online.

      I really think most of us aren’t so careful with our accounts, specially our mails because we tend to take them for granted. Specially our mails… because they are free. I guess that’s why. But if I come to think about it… I’d be lost if I suddenly lost access to my e-mail account.

      • You’re not alone on that one. I tend to reuse a lot of my password across several accounts including email, social media and even for my pins.

        But when it comes to emails I tend to take it easy, I mean sure it’s a bummer to be hacked but you just have to consider which of your emails are really important.

        There’s really no use putting extra security on an account that has nothing but spam emails right?

  4. Thanks for the great post. Personally, I have been doing this tips for a long time. I try to choose passwords that are either personal or random and that are long enough to make it harder.

    I also have a separate email account for the sites that I go into, and a much professional email address for important stuffs such as billings and applications. This way I’ll have less spams on my emails and newsletter as well.

  5. This is a very informative article. I try to use different passwords for all of my email accounts. I have heard of people hacking email accounts and invading privacy and I do not want to be one of them.

  6. Thanks for the useful article! I do most of those things already 🙂 I have used the same password for several accounts in the past tho, but I no longer do that. I also use really hard to guess passwords, but I always write them down in my paper notebook next to my bed, because you never know!

    I’m actually more concerned about phishing and that kind of things, but I really try to keep my e-mail safe. No idea what I’d do if I lost access to it! I think I sometimes take my e-mail account for granted.

  7. I always put a lot of effort into my own passwords and have been fortunate enough to never have any issues arise with it. However, when I help my older folks setup their own accounts or passwords, they always have the simplest things. The logic behind it is that so they won’t forget it and I understand that. So I helped them make it just a bit more complex and had them write it down — only to have them lose the piece of paper. Oh boy… haha.

  8. I previously tried to use a different password for every account, but it was a pain to remember them all, especially if I don’t use an account for a while. I even tried to develop a system for remembering my password based on the name of the website, but it still wasn’t 100% effective.

    A good alternative that is much easier to use is LastPass. It uses a different password for all your accounts, so it’s almost as secure as doing it yourself.

  9. Strong passwords are key to a strong account anywhere. I have made accounts with weak accounts before and they have all gotten hacked. Brute forcing out a weak password is very easy to target. Although I agree that a custom security question is more secure, any exploit is a total exploit.

  10. I’m linking this to my sister who just got her email hacked into as a result of losing her phone. All of this is really good advise. I myself like to keep an actual notebook (which I keep in a safe), where I write down all my passwords and other sensitive information that I might forget. Its difficult to remember different passwords for your personal email, work email, Facebook, PayPal and other sites. I like to change my password every month or so just to be safe, and the notebook helps me remember.

  11. Changing the password for me si wayy too much. I will forget it easily and i have to do this at work and it sucks cause always have to get my password reset.

    • You can write down the password, just keep it secured in a safe place, instead of on your monitor or under your keyboard. Or, once you do make a new password, try typing it as much as possible to start to build muscle memory for it. Another good way is to make up a sentence, and use the first letters of each word, and replace some letters with uppercase letters, numbers, and symbols. So for example, “The quick brown fox jumps over the lazy dog,” could turn into “tQ8fJo7!” which would take about 3 days to crack. The longer the sentence, the more secure the password.

    • You do not have even to remember all your password, because there are a lot of free safe software that store your password. It’s called password vault.

    • Actually you can create secure passwords that are easy to remember. The usual crock when it comes to strong password is to combine letters numbers both in upper and lower cases.

      So you can make a password as easy as “Hahaha1221” and I think it can pass as a strong password and it’s easy to remember.

      • Actually it’s highly recommended you don’t use common words or phrases, regardless of any combination. Brute force attacks have only become more sophisticated and the more simplistic your password the more vulnerable you are.

  12. Creating your own security questions is always a safe bet, but sometimes that may not be an option. I find having the answers spelled differently makes excellent security. For example the question is “What was your first pet’s name?” I would say Spit when his actual name was Spot. Something along those lines. I just have to remember what I misspelled LOL.

    • A really good way to create answers for security questions that can’t be found on social media is to make them passwords. So instead of your first pet’s name, put some random password like “t0tH3r()M” and store it in a password manager.

  13. The most important tip here is to use different passwords for your accounts. I understand that you may feel a little to lazy, but it is worth writing them down somewhere in such a way that you will only know what websites and usernames they are for.

  14. Very informative post. Good thing I follow all of these procedures, except maybe “Use different passwords for different accounts.” I’m just not able to remember all my passwords if I do this, sure, you can have a password notebook or something, but I find that even less secure, imagine if that notebook falls into the wrong hands. I use different passwords on rare occasions, like if the website I’m registering in doesn’t look trusted.

  15. This seems to be the basics but still very informative. The one thing that I really love to create is the security questions. I tend to really overdo this part because I know that it’s the only form of password that is almost impossible to hack not unless you have some sort of direct clue.

    I’m on the weak spot however when it comes to passwords on multiple accounts. Out of sheer laziness and forgetfulness I tend to just use the same passwords for almost every account I make but it’s all categorized. For example, I have the same password style for all emails, then a different style for my online banking accounts etc.

    • I also do that sometimes but I think you don’t really have to be too protective when it comes to your passwords because;

      1. If you don’t have sensitive information stored there, why bother?
      2. You don’t have to worry about hackers unless you have something in your accounts that’s worth stealing.

      • I agree that you don’t have to be very strict on all of your accounts especially when you don’t have sensitive information in them but I think it’s also a good thing to be more secure. Even if that account doesn’t have sensitive information on it, it can still be used because maybe you have your name on it.

        • Right on. Sure you’re not obliged to change up your security when it’s not really important but it’s still a matter of privacy. Even if I don’t have anything to hide it would still be annoying to have someone prowling your emails and reading your spams.

    • There are a lot of way’s you can “counteract” your laziness. For example, use something on your desktop/near your computer/clearly visible as the base for your password. If you forget you can always just look around and be reminded. You can also jumble the same password a few times, but I wouldn’t recommend doing that too many times or on similar accounts.

  16. I’m a monster when it comes to strong passwords. I tend to really make it strong and for my security questions to be really hard to guess. But the problem is I tend to forget most of them so I end up reusing the same password for most of my emails but it’s okay because I don’t really have important things in there.

    • That’s the problem with me also but what I do is I tend to make a password pattern. It’s all different but of the same pattern as any of my other passwords so they’re strong yet similar but very different. So if I get the password wrong the first time, I just jumble a few letters and the cases and then I’m in.

      • I have a similar method. Different password strengths depending on the level of importance of the site. If it is a site I will occasionally use, then I will not focus too much on making a lengthy password.

  17. I always log out my accounts every time. Even if I’m using my own laptop or phone I tend to log them out every time I go public or when I’m connecting to public wifi. You’ll never know who’s going to steal your phone or laptop or maybe who’s going to use it unexpectedly.

  18. I’ve always been horrified by the number of people who aren’t familiar with basic steps like these. Identity theft is a growing problem and will only get worse! The more lax your security, the bigger a target you become.

  19. Two way authentication is definitely the way to go for important email accounts (e.g. those with financial data) It means that you have to receive a verification code sent to your phone as well to access your account. While it might be more of a hassle it is a lot more secure, and given how we are almost always carrying our smartphones with us now, it only takes a few more seconds for greater piece of mind.

  20. Now here is the question.. Where should we store this information? Especially if it is information that we are trying to make strong. Just about all of our lives are on computers, phones, tablets, ect. I am always afraid of losing my information.

  21. Writing a good password isn’t easy. People who are not very visual might also find it difficult to recall their passwords. I tried using a password security device called the password manager, which works to help me reach the goal of having one password for each account. Then I realized that many other accounts are applying the two-factor authentication, so I ditched the password manager. For the questions, I try to be emotionally neutral, because the security questions by default follow a set standard, and they usually are quite similar from one account to another. Most services providers suggest that we change our passwords every couple of weeks, but they don’t discuss security questions in great details.

  22. One password tip I’ve been using more frequently is to not use words, or combinations of letters, but phrases or strange combinations of words. For example, if I was asked to make a password right now, I’d put… BuzzBox65. Buzz, because my phone was just buzzing; box, because there’s a box on the table; and 65 because the box has 65 on it. Not an easily generated or guessed thing, but it’s something I could remember.

  23. I recently learned about how you should change passwords for all of your accounts every month (maybe less than that) or so. My password is usually the same for my accounts because it’s easier for me to remember but I guess it would also be easy for a cyber thief to break into. I’ve been practicing logging out as well, but I still have it set up so that that info is already in the log in section. I don’t have a lot of personal stuff online but I’ll be using these tips to make sure I’m protecting what I do have

  24. In the past, I made the royal mistake of using the same password on every single account I owned. Once a hacker got into my email account he had access to everything from my bank statements to my college portal. After that ordeal I have learned to make a unique password for every account I have and I have them all on a sticky-note attached to my monitor (I live alone so no one will have access to them but me). It has really improved my peace-of-mind and I recommend that everyone who has security worries to do the same!

  25. Yes, it’s very imperative that you treat your email account as if it were your bank account, especially if you have a lot of sensitive information coming and going on there. It’s good to see everyone getting reminded that we have to make sure these type of private online accounts of ours are secured and given strong, exclusive passwords that prevent hacking, which saves ourselves from online criminals. I practice everything outlined in the article, and I am usually able to remember many of my passwords, but I’m just glad to see it brought up.

  26. This article has good information for people that don’t have a secure email. I have 2 emails one that is strictly business and I have one for all other things that don’t use personal info. I have my business one on lockdown with a cryptic-like password I change every 2 months. My other email has a less hardened password because I use it more often.

  27. It’s true that it’s a must to keep different passwords for different accounts , but this may be difficult to keep up with by a certain demographic.
    My suggestion is to have a basic password like a day of the week, or the moth you were born in and then, differentiate the different passwords numerically by just adding 1 different number at the end of that personal word, for example: January10 ,11, 12 and that way you have an easy peasy manner of switching between them.

  28. My email was hacked into once. I scrambled to reset the password and get a much stronger password since then. I also change my passwords every now and then. Each with a whopping 20 characters or more if possible. Also, the security question can indeed be a gateway to your account. Better recheck mine.

  29. Some useful advice there. I think the main reason that a lot of us aren’t secure is because we’re inherently lazy. We can all blame the fact that there are so many passwords that we now have to have. But if we did treat our email services with a bit more respect and scrutiny we’d soon realize what we’re leaving ourselves open to. It’s the “it could never happen to me” syndrome.Time to take note.

  30. Great tips! I’ve come across all of them except for the last one: create your own security question. I never thought about that one. And yet it makes so much sense especially since we are using social media so often now. It’s easy to forget (or not see) the bit of information we drop here and there on social meadia that others pick up.

  31. I do use relatively strong passwords and I do have different passwords for my logins, but I can’t bring myself to log out. I have so many different accounts all over the web, so remembering a password is kind of hard and it’s better for me to just remain logged in on, at least, my laptop and smartphone.

  32. Thanks for the tips! When I was young I had an email hacked. Now my email is full of work and business messages it would be horrible to have it hacked so I will definitely be taking up on some of your advice! I never really thought about how simple my password was until I read this article! Time to go make some security changes! 🙂

  33. These are all really good tips but the reality is that it’s really really hard being 100% safe. In fact pretty much impossible.

    However, if you follow these tips you will indeed be SAFER. So thanks for this post, very useful! 🙂

  34. Strong password is a good idea. I’ve read somewhere it’s even a better idea to have a long one composed of random words.

    And yes with the questions… I mean especially “What was your college’s name?” That’s info most people have on their Facebook and LinkedIn accounts!

  35. Logging is probably the most important thing to remember when your accessing your email on devices that are not your own.

    Passwords don’t necessarily have to be complicated, but it’s better if you think of an abstract, seemingly nonsensical password like colafan25buscemitabloidgaydar.

  36. Email providers such as Gmail provide a lot of security measures. I believe that Gmail’s security is a lot safer than the others except it is debatable with Hotmail. Apps just as Authy and Authenticator help ensure our email accounts are protected.

Leave a Reply