Turn On Gmail's '2-Step Verification.' Now.

Yesterday's Wired account, by Mat Honan, of an "epic hacking" attack is fascinating, frightening, and instructive. You should read it. Here are some other things you should do, in ascending order of urgency:

  • You should read the story of what happened to my wife when six years' worth of email -- and associated photos, research notes, book drafts, calendar info, contacts, attached-file data, memorabilia, etc -- were all zeroed out by a hacker, who was using the "Mugged in Madrid" scam and was probably operating from West Africa.

  • You should look into the wide variety of ways to make local, non-cloud copies of your important online information. I won't get into all the details now, but for instance: you can use Thunderbird, Eudora, Outlook, Sparrow, or some other system for periodic backups of your email and associated online files. (And then of course have some other way to back up what's on your local hard drive.)

  • You should make sure that each of your important online accounts -- bank, credit card, email, anything that could cause you grief if someone else got control of it -- has (a) its own password, which (b) you have never used anywhere else. I rely on some mnemonic tricks, plus LastPass, to make this feasible  -- more on that another time.

  • And if you use Gmail, please, before you get up from this session at the computer, turn on the "2-step verification" that Google has offered, free, since early last year. OK, you are allowed to get up if you don't have your cell phone/smartphone at hand, because you'll need that for the 2-step setup. You can read official instructions here and will find lots of associated advice around the Internet. Here is one installment I offered after my wife's hacking episode last year.

In case there's any doubt about the priority order I am suggesting, my advice is:

    - FIRST, if you use Gmail, set up the 2-step system; then
    - Fix any "recycled" password you're using for accounts you care about protecting; then
    - Think about the offline backups etc.

And if you need any extra motivation, read just the first two paragraphs of the Wired piece:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

In many ways, this was all my fault. My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two-factor authentication for my Google account, it's possible that none of this would have happened... 

Using the 2-step system is slightly less convenient than doing without it. For instance, every 30 days you will need to enter a special code into your desktop or laptop computers. And you'll have the one-time chore of generating "application specific passwords" for your iPad, your smart phone, and some mail-handling programs. Similarly, it is less convenient to carry keys around and have to lock and unlock your front door, compared with just leaving it open. But believe me, the "inconvenience" resulting from leaving the door open can be worse, in the digital as in the physical realm.
___
UPDATE: Here is some nice extra info on 2-step from Matt Cutts.

Presented by

James Fallows is a national correspondent for The Atlantic and has written for the magazine since the late 1970s. He has reported extensively from outside the United States and once worked as President Carter's chief speechwriter. His latest book is China Airborne. More

James Fallows is based in Washington as a national correspondent for The Atlantic. He has worked for the magazine for nearly 30 years and in that time has also lived in Seattle, Berkeley, Austin, Tokyo, Kuala Lumpur, Shanghai, and Beijing. He was raised in Redlands, California, received his undergraduate degree in American history and literature from Harvard, and received a graduate degree in economics from Oxford as a Rhodes scholar. In addition to working for The Atlantic, he has spent two years as chief White House speechwriter for Jimmy Carter, two years as the editor of US News & World Report, and six months as a program designer at Microsoft. He is an instrument-rated private pilot. He is also now the chair in U.S. media at the U.S. Studies Centre at the University of Sydney, in Australia.

Fallows has been a finalist for the National Magazine Award five times and has won once; he has also won the American Book Award for nonfiction and a N.Y. Emmy award for the documentary series Doing Business in China. He was the founding chairman of the New America Foundation. His recent books Blind Into Baghdad (2006) and Postcards From Tomorrow Square (2009) are based on his writings for The Atlantic. His latest book is China Airborne. He is married to Deborah Fallows, author of the recent book Dreaming in Chinese. They have two married sons.

Fallows welcomes and frequently quotes from reader mail sent via the "Email" button below. Unless you specify otherwise, we consider any incoming mail available for possible quotation -- but not with the sender's real name unless you explicitly state that it may be used. If you are wondering why Fallows does not use a "Comments" field below his posts, please see previous explanations here and here.

How to Cook Spaghetti Squash (and Why)

Cooking for yourself is one of the surest ways to eat well. Bestselling author Mark Bittman teaches James Hamblin the recipe that everyone is Googling.

Video

How to Cook Spaghetti Squash (and Why)

Cooking for yourself is one of the surest ways to eat well.

Video

Before Tinder, a Tree

Looking for your soulmate? Write a letter to the "Bridegroom's Oak" in Germany.

Video

The Health Benefits of Going Outside

People spend too much time indoors. One solution: ecotherapy.

Video

Where High Tech Meets the 1950s

Why did Green Bank, West Virginia, ban wireless signals? For science.

Video

Yes, Quidditch Is Real

How J.K. Rowling's magical sport spread from Hogwarts to college campuses

Video

Would You Live in a Treehouse?

A treehouse can be an ideal office space, vacation rental, and way of reconnecting with your youth.

More in Technology

From This Author

Just In