ULTIMATE ACCOUNT SECURITY
You know that 2FA can be compromised by someone who is technical enough.
So what can you do?
The best solution is to use something called a "Hardware key".
Think of a hardware key like a key for your car. Sure, maybe someone could
"hotwire" a modern car, but without the special chip inside the key, they're
not going to get very far.
A hardware key is like a physical key for your digital accounts.
When you go to login, you'll be prompted to insert the hardware key into the
computer and touch it.
That secondary layer of security is a code stored ONLY on the hardware key.
No keys. No access.
There are a few options on the market, but the market leader is a company
called Yubico.
I recommend the YubiKey 5C NFC and picking up a couple of USB-to-USB-C
adapters at the same time.
***You MUST BUY AT LEAST 2 YUBIKEYS.***
If you lose one of your hardware keys and you don't have a backup, you're in
a VERY bad spot.
Accounts to secure:
- Any email accounts
- Password Manager
- Crypto exchanges like Coinbase
- Facebook accounts*
- Instagram accounts*
*Facebook and Instagram accounts are now all sort of linked together via
"Meta Accounts Manager".
***If you are currently compromised, do not add compromised accounts to
the Meta Accounts Manager as this could provide another access point for
someone who is currently inside of one of your compromised accounts.***
Steps to set up:
- Order 2 keys
- Use the Yubico software to reset the keys as soon as you get them so you can ensure you know the PIN, and that it's not the default PIN.
- Log in to each of your accounts, go to 2FA, set up hardware keys.
- Set up BOTH keys
- Move on to next account
- Write down your PINs and put them in a safe box. DO NOT STORE DIGITALLY.
- PRINT OFF BACKUP CODES and put them in your safe box. Because they are not digitally stored, ta-da, no one can ever digitally steal them.
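Why "No keys. No access." holds and why BOTH keys have to be set up on every account, as an added example (not from the original article or from Yubico): a simplified Python model in which each key holds its own secret, the account stores only the public halves of the keys enrolled on it, and a login succeeds only with a touch on an enrolled key. The `HardwareKey` and `Account` classes are hypothetical, and a toy Schnorr-style signature stands in for the signature a real FIDO2 key produces.

```python
import hashlib
import secrets

# Toy Schnorr-style signature in a small group, standing in for the
# signature a real FIDO2 key produces. Illustration only, not production crypto.
P = 2**521 - 1   # a Mersenne prime
G = 3
N = P - 1        # exponents are reduced modulo P - 1


def _hash(r: int, challenge: bytes) -> int:
    data = r.to_bytes(66, "big") + challenge
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


class HardwareKey:
    """Constructed model of a key: the secret never leaves this object."""

    def __init__(self):
        self._secret = secrets.randbelow(N - 1) + 1
        self.public = pow(G, self._secret, P)   # the only value an account stores

    def sign(self, challenge: bytes, touched: bool):
        if not touched:                         # no touch, no response
            return None
        k = secrets.randbelow(N - 1) + 1
        r = pow(G, k, P)
        e = _hash(r, challenge)
        return r, (k + self._secret * e) % N


class Account:
    """Constructed model of a site that holds only public values."""

    def __init__(self):
        self.registered = []                    # public halves of enrolled keys

    def enroll(self, key: HardwareKey):
        self.registered.append(key.public)

    def login(self, key, touched=True) -> bool:
        challenge = secrets.token_bytes(32)     # fresh for every login attempt
        response = key.sign(challenge, touched) if key else None
        if response is None:
            return False
        r, s = response
        e = _hash(r, challenge)
        return any(pow(G, s, P) == r * pow(y, e, P) % P
                   for y in self.registered)
```

In this model a key that was bought but never enrolled on an account cannot log in to it, which is the reason for setting up both keys on each account before moving on to the next one.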
Defensive Layer #2 - Backup Codes
Backup codes are one-time codes you can use to log back into your
accounts if
Google and Facebook offer these.
Google:
Facebook:
Bonus Points #1 - Meta Verified
If your entire business is built on the one-legged stool that is Facebook
Ads, it makes a lot of sense for you to go ahead and get Meta Verified, even
if you won't "use" it. I can't say for sure, but it makes sense that it
would prevent a lot of shenanigans around anyone impersonating you... And of
course, priority support when you need it.
NOTE: Meta Verified doesn't explicitly provide support for Meta Ads... But
they can help out sometimes. It can be a decent avenue to help get your case
escalated.
Bonus Points #2 - Spare Accounts
While technically against Facebook's Terms of Service, it can be a smart
idea to set up a backup account. I am not endorsing making a second Facebook
account for you, but rather, getting the full infrastructure in place on a
willing family member's Facebook account that you could run a Business
Manager from.
You can think of Business Managers as BASICALLY being 1-per-account. BUT
there's a loophole...
Business Managers can effectively be transferred... SO, if your profile does
get compromised and you can't get it back...
Make a new one for YOU, have your friend/family member add you as admin to
the backup business manager, and remove them if they don't need to be there.
You can flex this strategy to your needs.
Time Commitment to Set this Up
I'm a pretty dang techy person (if you didn't notice), and this still took
me a few hours to do. So probably block off 3 hours if you're not a super
techy person, and re-read everything 3x to make sure you really understand
it.
PS. Most bank account logins cannot be secured with YubiKeys.
Don't write your bank account passwords down anywhere. Not even in a
password manager.