- Messages
- 20,160
- Location
- Springfield, Missouri
So just a couple of things I do for keeping things private and controlling the access to my personal stuff.
Phone calls: Get a google voice phone number. No one but a half dozen family members have my real cell or home phone number. Years ago I got a free google voice phone number and its what I use as my main number. You basically tie the number to one or more real phone numbers. You can set it up to ring all those numbers at once. When someone calls that number you have options to screen the calls, can setup frequent spam call numbers as such and block them, or let them go to voice mail then block them if they are repeatedly calling and not leaving any messages. I give this number to all places that require a phone number. There is an app to run on your phone for it, so can setup out-going calling to always use it, always use your real number, or prompt before dialing for which to use.
Texting: Use the google voice number above, it has text messaging and those messages can be checked in the web app or the on-line app.
Emailing: I have a yahoo account that most things I "sign-up" for gets used. This is for things like other forums, mailing lists, one-time or infrequent purchase, etc.
I do not use this directly for any accounts I sign up for. I also have my own domain and hosting. With it I have the option of creating my own emails address and forwarding emails for those address to one or more emails. So for example, I sign up for family woodworking, I create a forwarding email called "fww1@mydomain.com" and forward that to one of my actual emails. Should I start to get spammed by at that email, I'll know who sold my information. It also makes hacking all of my accounts a lot more difficult. They may be able to hit FWW with my fww1@mydomain.com user and do a brute password to hack the account, but they aren't going to be able to use that to login to my email or banking accounts.
Setting up your own domain and email may be more technical than some of you want to do, but you can always just do two or three email accounts and separate the use of them out. Have one that is your banking email, another for store purchases, another for email lists or infrequent sign-ups.
Passwords: Use a password manager, or a couple, or write them down somewhere safe and convenient. There are lots of good secure options for these, Keeper, LastPass, LogMeOnce, etc. I don't know most of my actual passwords. For almost all sites I use a password generator in my password manager that creates complex passwords that match the maximum length & character complexity the site allows. I only have to know a handful of passwords, one of them is to the the password manager and when I need to login to a site, I enter that password and it fills in the login for the site for me. Yes, this is a "keys to the kingdon" issue, but if you keep that password safe, likelyhood of someone getting access to your password vault is not likely, especially if you're using two-factor authentication, which leads us to the next topic.
Most hacks to your accounts happen due to a site you've signed up on, using the same email and password you've used on every other site you've visited. That site gets hacked, they steal the user login info and now set-out to login to every financial institution (starting with the big ones) that they can to see if they can steel your money. They also use that to try and login to your own email, hoping you used the same password or a variation of it. They may only have your email and start by using that as the login and brute force hacking your password if it is simple enough to guess.
Some are a bit more crafty, such as those posts on Facebook that ask you to post your personal info (first car, dogs name, hometown, etc), they then use that to guess your password as they may have your email as part of your contact info on your fb account, hide that contact info from anyone that isn't a friend and only let friends see your posts there.
Two-factor (2Fa): Always, Always, Always use 2Fa where you can. The type of two factor that gets used is up to the site you visit. Some will email you a verification, some have google 2Fa, which you setup in the Google Authenticator app and the verification number is synced with their system and changes every 60 seconds. Others will text you at your mobile number or have another app that is required.
Basically 2fa will narrow down the possibility that someone can authenticate your password, and receive or have the verification code to complete the login.
Credit Cards or paying on-line: Setup a bank account with an amount of money you are ok with possibly getting stolen (temporarily). Or use a site like Paypal for doing the transaction if it is an option upon check-out. Some credit cards have a feature of generating temporary numbers that allow you to associate that temporary number to your real credit card number and only allow a one-time or limited time use. Those are great for online purchases or for subscriptions that require a CC and are hell to cancel once you sign up. Simple expire the temporary number and they can no longer take money from you. There are a few sites that do this as a service too, but I'd rather go pickup a visa gift card that is re-loadable and use it. There is a small fee for when you load them, but some piece of mind if you are worried about your cc getting stolen.
I know that was a long read, but thought it was worth sharing. Also would love to hear what others do for keeping things private.
Phone calls: Get a google voice phone number. No one but a half dozen family members have my real cell or home phone number. Years ago I got a free google voice phone number and its what I use as my main number. You basically tie the number to one or more real phone numbers. You can set it up to ring all those numbers at once. When someone calls that number you have options to screen the calls, can setup frequent spam call numbers as such and block them, or let them go to voice mail then block them if they are repeatedly calling and not leaving any messages. I give this number to all places that require a phone number. There is an app to run on your phone for it, so can setup out-going calling to always use it, always use your real number, or prompt before dialing for which to use.
Texting: Use the google voice number above, it has text messaging and those messages can be checked in the web app or the on-line app.
Emailing: I have a yahoo account that most things I "sign-up" for gets used. This is for things like other forums, mailing lists, one-time or infrequent purchase, etc.
I do not use this directly for any accounts I sign up for. I also have my own domain and hosting. With it I have the option of creating my own emails address and forwarding emails for those address to one or more emails. So for example, I sign up for family woodworking, I create a forwarding email called "fww1@mydomain.com" and forward that to one of my actual emails. Should I start to get spammed by at that email, I'll know who sold my information. It also makes hacking all of my accounts a lot more difficult. They may be able to hit FWW with my fww1@mydomain.com user and do a brute password to hack the account, but they aren't going to be able to use that to login to my email or banking accounts.
Setting up your own domain and email may be more technical than some of you want to do, but you can always just do two or three email accounts and separate the use of them out. Have one that is your banking email, another for store purchases, another for email lists or infrequent sign-ups.
Passwords: Use a password manager, or a couple, or write them down somewhere safe and convenient. There are lots of good secure options for these, Keeper, LastPass, LogMeOnce, etc. I don't know most of my actual passwords. For almost all sites I use a password generator in my password manager that creates complex passwords that match the maximum length & character complexity the site allows. I only have to know a handful of passwords, one of them is to the the password manager and when I need to login to a site, I enter that password and it fills in the login for the site for me. Yes, this is a "keys to the kingdon" issue, but if you keep that password safe, likelyhood of someone getting access to your password vault is not likely, especially if you're using two-factor authentication, which leads us to the next topic.
Most hacks to your accounts happen due to a site you've signed up on, using the same email and password you've used on every other site you've visited. That site gets hacked, they steal the user login info and now set-out to login to every financial institution (starting with the big ones) that they can to see if they can steel your money. They also use that to try and login to your own email, hoping you used the same password or a variation of it. They may only have your email and start by using that as the login and brute force hacking your password if it is simple enough to guess.
Some are a bit more crafty, such as those posts on Facebook that ask you to post your personal info (first car, dogs name, hometown, etc), they then use that to guess your password as they may have your email as part of your contact info on your fb account, hide that contact info from anyone that isn't a friend and only let friends see your posts there.
Two-factor (2Fa): Always, Always, Always use 2Fa where you can. The type of two factor that gets used is up to the site you visit. Some will email you a verification, some have google 2Fa, which you setup in the Google Authenticator app and the verification number is synced with their system and changes every 60 seconds. Others will text you at your mobile number or have another app that is required.
Basically 2fa will narrow down the possibility that someone can authenticate your password, and receive or have the verification code to complete the login.
Credit Cards or paying on-line: Setup a bank account with an amount of money you are ok with possibly getting stolen (temporarily). Or use a site like Paypal for doing the transaction if it is an option upon check-out. Some credit cards have a feature of generating temporary numbers that allow you to associate that temporary number to your real credit card number and only allow a one-time or limited time use. Those are great for online purchases or for subscriptions that require a CC and are hell to cancel once you sign up. Simple expire the temporary number and they can no longer take money from you. There are a few sites that do this as a service too, but I'd rather go pickup a visa gift card that is re-loadable and use it. There is a small fee for when you load them, but some piece of mind if you are worried about your cc getting stolen.
I know that was a long read, but thought it was worth sharing. Also would love to hear what others do for keeping things private.
