ULTIMATE ACCOUNT SECURITY
You know that 2FA can be compromised by someone who is sufficiently technical. What can you do?

The best solution is to use something called a “hardware key”.

Think of a hardware key like a key for your car. Sure, maybe someone could “hotwire” a modern car, but without the special chip inside the key, they’re not going to get very far.

A hardware key is like a physical key for your digital accounts. When you go to log in, you’ll be prompted to insert the hardware key into the computer and touch it. That secondary layer of security is a code stored ONLY on the hardware key.

No keys. No access.

There are a few options on the market, but the market leader is a company called Yubico. I recommend the YubiKey 5C NFC and picking up a couple of USB to USB-C adapters at the same time.

***You MUST BUY AT LEAST 2 YUBIKEYS.***

If you lose one of your hardware keys and you don’t have a backup, you’re in a VERY bad spot.

Accounts to secure:
- Any email accounts
- Password Manager
- Crypto exchanges like Coinbase
- Facebook accounts*
- Instagram accounts*
*Facebook and Instagram accounts are now all sort of linked together via “Meta Accounts Manager”. ***If you are currently compromised, do not add compromised accounts to the Meta Accounts Manager as this could provide another access point for someone who is currently inside of one of your compromised accounts.***
Steps to set up:
- Order 2 keys
- Use the Yubico software to reset the keys as soon as you get them so you can ensure you know the PIN, and that it’s not the default PIN.
- Log in to each of your accounts, go to 2FA, set up hardware keys.
- Set up BOTH keys
- Move on to next account
- Write down your PINs and put them in a safe box. DO NOT STORE DIGITALLY.
- PRINT OFF BACKUP CODES and put them in your safe box. Because they are not digitally stored, ta-da, no one can ever digitally steal them.
Defensive Layer #2 – Backup Codes
Backup codes are a one-time available code you can use to log back into your accounts if Google and Facebook offer these.

Google: https://support.google.com/accounts/answer/1187538?hl=en…

Facebook: https://www.facebook.com/help/148104135383285
Bonus Points #1 – Meta Verified
If your entire business is built on the one-legged stool that is Facebook Ads, it makes a lot of sense for you to go ahead and get Meta Verified, even if you won’t “use” it. I can’t say for sure, but it makes sense that it would prevent a lot of shenanigans around anyone impersonating you… And of course, priority support when you need it.

NOTE: Meta Verified doesn’t explicitly provide support for Meta Ads… But they can help out sometimes. It can be a decent avenue to help get your case escalated.
Bonus Points #2 – Spare Accounts
While technically against Terms of Service of Facebook, it can be a smart idea to set up a backup account. I am not endorsing making a second Facebook account for you, but rather, getting the full infrastructure in place on a willing family member’s Facebook account that you could run a Business Manager from.

You can think of Business Managers as BASICALLY being 1-per-account. BUT there’s a loophole…

Business Managers can effectively be transferred… SO, if your profile does get compromised and you can’t get it back…

Make a new one for YOU, have your friend/family member add you as admin to the backup Business Manager, and remove them if they don’t need to be there.

You can flex this strategy to your needs.
Time Commitment to Set this Up
I’m a pretty dang techy person (if you didn’t notice), and this still took me a few hours to do. So probably block off 3 hours if you’re not a super techy person, re-read everything 3x, and make sure you really understand it.

PS. Most bank account logins cannot be secured with YubiKeys. Don’t write your bank account passwords down anywhere. Not even in a password manager.