One hole in Honans security was that his website domain registration was unprotected. That means anyone who went to a WHOIS site could enter his domain address and find out exactly where he lived. Honans billing address was one of the key pieces of data used to access his Amazon and AppleID accounts. If you own a website and the registration is connected to your home address, make sure you pay the extra fee to hide your personal details.
Account Recovery E-mail
A primary mode of attack for hackers is to use an online services account recovery option to try to break in. Thats what got the ball rolling for Honans nightmare, and it has happened numerous other times including the 2008 hack of Sarah Palins Yahoo account and the 2009 corporate Twitter hack. The best way to protect yourself against this is to use a dedicated free e-mail account such as Gmail, Hotmail/Outlook or Yahoo for account recovery. Make sure the account isnt using an obvious e-mail address such as your.name@gmail.com, myrecovery@outlook.com, or is similar to any of your other e-mail addresses.
If youre a Hotmail/Outlook.com user, you can create an alias address inside your old Hotmail account. But dont use this trick if your Hotmail address is already the point of contact for a sensitive account such as Amazon, Apple, Microsoft, or another service.
Firewall Between Sensitive Accounts
Another step you could take is to make sure a security breach cant snowball where access to one account gives hackers access to another. Use different recovery e-mail addresses for highly sensitive accounts, especially any account where you store credit card or bank details such as Amazon, Apple, Google Checkout, PayPal, or Xbox.com.
Two-Step Verification
If Gmail is your primary e-mail address, use two-factor authentication for logging in to the account. This requires you to enter a short verification code before getting access to your account. The code is sent to your phone via a smartphone app, SMS, or voice message. Without the verification code, hackers wont be able to access your account. Check out the Gmail help page for more information about two-step verification. Yahoo also offers two-step verification, while Hotmail offers one-time passwords for secure logins on public PCs.
