You may have heard of Mat Honan’s case. He got hacked pretty bad. In the end, it was mostly the fault of Amazon’s and Apple’s crappy policies. But it would be short-sighted not to rethink your current setup. Just let me recap what happened to Mat.
The hackers wanted his Twitter Account. They got the link to his personal website on his Twitter profile. On his personal website, they found his Gmail address. On the Google Account Recovery pagge, they saw that his (partially displayed) recovery email address was an apple-run @me.com address. Basically, the rest is Apple’s and Amazon’s fault. They got access to his Amazon account, got the last four digits of the credit card and used that information to get into his Apple ID. The email address associated with it was the Google Account Recovery address mentioned above, so we’ve come full circle.
I was disappointed with most articles claiming to be a step-by-step guide on how to prevent this from happening to you. So here’s my two cents.
The answer (of course) can’t be not to have your website displayed on the twitter profile page or to use different names on every platform.
Amazon and Apple have changed the policies which enabled Honan’s hackers to do what they did. But that doesn’t mean you can relax. There are other ways, and other service providers may have crappy policies in place.
So, I basically recommend to do what Lifehacker suggests. Like/plus this:
The above is all cloud, password, account and Internet stuff. Of course, you should never leave your laptop alone without locking the screen or logging off. Once someone evil gets physical access to your device, it.is.over. So, use the heck out of magic corners, the iOS four-digit-code and so on. With the daily iCloud backup enabled, you should consider the ‘10-times-wrong-code? Erase my iPhone!’ feature.
I’m no securtiy expert, but I think this will prevent you from being the next Honan.