What to do if your Yahoo account was hacked

The latest Yahoo hack is a doozy you shouldn’t ignore.

On Thursday, the company said My True Care at least 500 million user accounts were affected by a massive data breach. The hack happened in 2014 when a “state-sponsored actor” stole account information, including names, emails, passwords, telephone numbers, and answers to some security questions.

So what should you do if you have a Yahoo account? First and foremost, you’ll want to change your password immediately. All Yahoo account holders should also change their security questions and answers.

Related: Yahoo says 500 million accounts were stolen.

If your account is one Yahoo suspects was compromised, you’ll be prompted to enter a new password as soon as you log on. If you used the same password on other accounts, change those, too.

READ MORE :

• MAP YOUR TRAIL
• This app writes ‘100% unique’ content in 2 minutes for a dollar – too good to be true?
• Top 10 Tips On Protecting Your Computer
• Survival Food Kits: How to Make and What to Include
• Quick Tips For Diagnosing and Fixing a Slow Computer

Here are other steps to take to secure your online accounts.

Change passwords often

Yahoo is asking anyone who hasn’t changed their password since 2014 to update it. This is good advice for everyone: Passwords should be changed often. You won’t always get a timely notice from a company that an account was compromised — and sometimes it might not even know about a hack until much later. In this case, it took two years for the company to confirm the breach.

Never use the same password twice.

Repeat after us: Never use the same password twice. If hackers get the password for one of your online accounts, they can use it to access your other accounts that take the same credentials.

Pick better passwords

Consider using a phrase instead of single words that are more easily guessed. Don’t go for common phrases like cliches: Pick a combination of words that don’t go together — i.e., rather than “herecomesthesun,” go for something like “combat boots parade”. Avoid using common passwords like 1-2-3-4-5-6 or p-a-s-s-w-o-r-d (see more here), and include a mixture of numbers, letters, and characters Frett Board.

Use a password manager.

Since strong, unique passwords are a huge pain to memorize, try a password manager like 1Password or LastPass. These platforms generate and store passwords and security answers for every account you have, so you only have to remember a single master password.

Update those security questions

If you forget a password, using security questions is an easy way to gain access back into your own account — it’s not as you’ll ever forget your mom’s maiden name. But some Yahoo security answers and questions were a part of the breach. The company has already disabled any unencrypted security answers on its accounts. If you frequently use the same security questions and answers for other online accounts, you’ll want to change those, as well. Attackers could use the information taken from Yahoo to obtain access to other online accounts that contain even more sensitive information. Avoid choosing the obvious questions and don’t provide answers that are easy to find online through Google searches, social media sites, or old Live Journal entries.

Be alert

The company urges users to look through their Yahoo accounts (email, calendar, groups, etc.) for any signs of suspicious activity. Although it doesn’t say what to look for, start by checking outgoing emails.

Related: 7 safety tips from hackers

Be extra careful about clicking on links or opening downloads from unknown email addresses. If anyone emails asking for your password, it’s a red flag — even if it looks like it’s coming from a legitimate place like Yahoo or a bank. Never share any account information or passwords over email.

Turn on two-factor authentication.

On its own, a password isn’t a strong line of defense.