Last week, Mat Honan had his Twitter, iCloud, Amazon and Gmail accounts hacked, resulting in large-scale data loss and a very scary evening. I highly recommend reading Mat’s account, here. From Mat’s article:
My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc.
Mat mentions two-factor authentication, but what is it? Simply, it’s a process that uses your cell phone to verify your identity. To turn on two-factor authentication, one needs to give Gmail a mobile phone number. When the Gmail account is accessed from a new computer, a text message is sent to the phone with a verification code. This means a person trying to hack into your Gmail account has to know your password (Factor One) and have your phone (Factor Two).
Since Mat’s ordeal, I’ve enabled two-factor authentication on my Gmail and Facebook accounts, and changed my Amazon account to remove all credit cards except one, which I do NOT use for iTunes store purchases.
I recommend enabling two-factor authentication, but know it does add a bit of work. For my computer’s Mail program, and again for my iPhone Mail and my iPad Mail, I needed to generate specific passwords so that each of those devices could “stay logged in.”
For directions to set up Gmail two-factor authentication, Macworld has a great step-by-step here. For Facebook, learn about Login Approvals, which is what Facebook calls two-factor authentication, here.
UPDATE 8/22: Here’s an article about Mat Honan’s experience with DriveSavers, who were able to recover approximately 75% of his data, most importantly, his photos.