On 23 September, Yahoo confirmed that hackers swiped personal information from at least 500 million accounts, which is expected to be the biggest digital break-in at an email provider.
The massive security breach poses a new headache for troubled Yahoo CEO Marissa Mayer as she scrambles to close a $4.8 billion (roughly Rs 32,500 crore) sale to Verizon.
Yahoo has sent a notice to affected users to update their password and the registered mobile number and in case you have not received it, take these steps immediately to protect your Yahoo account.
Update your Yahoo account details. NOW.
The easiest step is to update your account details, and most importantly change the password. Passwords are mostly taken for granted and the perils of the same were borne by the likes of Facebook CEO Mark Zuckerberg.
Create a password that includes a combination of uppercase, lowercase letters, symbols and numbers. Make sure that the password that you've created has atleast eight characters and does not include any common phrase.
Apps like Keeper, LastPass, Dashlane help you save all your passwords in one place, which are further protected by a password.
In this case, you'll have to remember just one password which will give you the access to all other passwords.
Yahoo is also asking users to review their accounts for any suspicious activities, and remain cautious about any 'unsolicited communications that ask for your personal information'.
The two-factor-authentication system has been adopted by many websites these days, adding an extra layer of security.
To enable this security measure, head over to your Yahoo account page and login. Next, click on Account Security, enable the two-step verification feature by hitting the toggle button and then enter your mobile number. The next step involves verifying the mobile number by clicking the 'Send SMS' or 'Call Me' options. You will be provided with a verification key, which needs to entered and then click on verify.
Yahoo has another security feature that does not require you to remember passwords. Yahoo calls it the 'Account Key' and once enabled, users will only have to enter their username to login. Users will be sent a notification on their phones that will ask for approval to login to the account. On the web browser, go to Account Security and click on 'Yes, send me a notification'. User will receive a test account key on their device and tap on 'Yes'.
Once logged in, users will need to click on 'Always use Yahoo Account Key'. The last step involves verifying your phone number by clicking confirm.
Users should also change the passwords of all the accounts that are linked to the Yahoo account. Remember, it is a bad idea to keep similar passwords for all your accounts. It is easier to hack into accounts that share the same password.