In recent weeks Yahoo has been prompting users to change their passwords and to add a phone number as an extra layer of security and on Thursday the reason for these requests became clear. The tech company announced that a hack could have compromised 500 million users' details.
Make the change now
Whether you're one of the 500 million or not, the first step to take should be to change your password and to activate Two Factor Authentication (2FA) and to do both now.
2FA sends a code to a smartphone or cell phone every time you attempt to log into your account and unless said code is entered, along with the password, entry will be denied. It's the simplest, but one of the most effective ways of adding an extra layer of security. If it sounds like a pain, you can set the service to remember a specific computer for up to 30 days without asking for a code.
Limit the damage
There are very few people that can honestly say they have a totally unique, impossible to crack password that isn't a word listed in the dictionary for every web service they use.
Chances are that the same login details will give them access to numerous services. If that's the case, make sure any account that uses the same Yahoo details is also updated, just don't change those passwords to the new Yahoo password too!
Don't get hooked
When data breaches are reported, phishers take the opportunity to send out bogus emails warning of security issues and asking you to update your details. Never click on a link in an email like this, no matter how genuine it seems. Always navigate directly to the service in question.
Let software take the strain
The best way of keeping online accounts secure is to use a password manager. There are plenty out there that are free to use for a single person and a single device and if you've got a Mac, then the operating system has a password manager baked in.