Earlier today, I received a 2-factor authentication request for my Apple account from somewhere in China.  There’s one small problem with this: I AM NOT IN CHINA. 😳

What is happening?!!

This request meant that not only was someone in China trying to hack my Apple account but that they successfully logged in.  Holy moly!!  Mind blown!  The only thing that stopped the hacker from doing whatever they wanted with my Apple account was the two-factor authentication.  Talk about a save!

I quickly went to haveibeenpwned.com to see if my Apple login email was featured and lo-and-behold,  it was.  As it turns out, I used that email address for 8 different sites that had been breached.  This meant that the hacker could be trying my credentials on a ton of different sites and worse, could possibly be getting somewhere.  The haveibeenpwned.com site actually recommends using a password manager for handling passwords and I can’t agree more on this.  But, I digress.

What to do?  What to do?

So for the next hour, after the hack attempt, I went through my password manager (told you they come in handy) and located every site that used that password and changed it.  Then, for good measure, I went through every site that used that email and changed the passwords there too.

I have to say, this experience was a big eye opener for me and I am truly blessed that it didn’t turn into a complete disaster.   Hopefully this won’t ever be your experience and to help further that, I have listed a couple tips below.

Thank you for reading.

Some tips to avoid my experience

  1. Setup 2-factor authentication as often as possible.  Yes, it’s an inconvenience but it may save your account… like it did mine. 😊
  2. Change your passwords regularly.  Don’t argue, just do it.
  3. Don’t use the same password on multiple sites.
  4. Use complex passwords because “6h89(^Y%TG*23d” is more difficult to crack than “password”.
  5. Check your emails against haveibeenpwned.com to find out if they may have been a part of a breach.  If so, change the passwords for all the accounts that use that email.  It’s time consuming but also not worth the risk.

Side note: A password manager helps with almost all of these tips and also adds much convenience.  I recommend 1password cuz they make my life easier.  That said, please don’t use an easy password to access your password manager.  This defeats the purpose.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.