If you're seeing this message, it means we're having trouble loading external resources on our website.

If you're behind a web filter, please make sure that the domains *.kastatic.org and *.kasandbox.org are unblocked.

Main content

What can I do to protect my account?

Learn how you can use tools such as two-step verifications, password managers, and security checkups to proactively keep your accounts secure. To learn more about how you can keep yourself safe while on the Internet, visit: internet-safety.khanacademy.org. Created by Sal Khan.

Want to join the conversation?

Video transcript

- So Grace, is there anything that I can proactively do, to protect my accounts? - Absolutely. I'm so glad you asked. We recommend that folks use something called two-step verification. Now you have a password to log into your account. But if you are able to turn on two-step verification, that is a second layer of authentication to verify that you are you. This is extremely helpful in the event that a password is stolen through a phishing attempt because even if someone has access to your password, they won't be able to log into your account without also having your phone, or your computer, which is far less likely. So, two-step verification can mean receiving a text message to verify that it's you, or an email, or even a phone call. This is something we really recommend people do, especially for things like bank accounts, or any sort of account where you have a lot of personal information. - No, I can't tell you how important that is, Grace. I use two-step verification on pretty much any account that I definitely do not want people to break into. And I have to say, over the last four or five years, there's been a few situations where all of a sudden, I got a text message on my phone saying, "Here's your security code." And I'm like, "Wait, I didn't even ask for a security code." It means someone might have compromised one of my accounts, and is trying to log in. But the two-step verification is actually keeping them out. Because the odds that someone got your password somehow, and has physical possession of your phone, or a computer, very, very low, unless you have some shady people in your house, or your workplace. - That's absolutely right, Sal. And the fact that you received that message and immediately said, "Hey, this wasn't me." That's two step verification working as intended. Another tool that I like to recommend that folks use, is something called the password manager. This can help you keep track of your passwords, and make sure that you're using strong passwords, and updating them regularly. So you can save your passwords in your browser. So, instead of having to keep track of 20 different passwords yourself, that tool does it for you. - No, that's really helpful. Because I think there can be a strong temptation to put easy passwords, or reuse the same password over and over again, to just make it memorable. But that makes you extra vulnerable. So if you use these things, you can have super secure, different passwords for every site. - Exactly. Unfortunately many people do reuse the same password, or use a, not a very secure password that might be easy to guess. So we really recommend to move over to that password manager and then you only have to remember one password to that. Super helpful. Another tool that I recommend people look into is something called Security Checkup. That's a place where you can actually keep track of all your online accounts and passwords, and be notified if there is a breach, such as a data breach, or a phishing attempt that got access to your password. It'll help you keep track of kind of how long those passwords have been staying the same, and remind you to update them. So, definitely check out Security Checkup as well. - Super useful. Thanks so much, Grace. - Thank you, Sal.