How to Secure Your Accounts
A practical checklist for email, banking, cloud, and social media security.
How to Secure Your Accounts
1. Prioritize Your Most Important Accounts
These accounts usually need attention first because they can affect your money, identity, and privacy.
- Primary email account (the one used for password resets)
- Banking and credit card apps
- Phone carrier account (Verizon, AT&T, T-Mobile, etc.)
- Cloud storage (Google Drive, iCloud, OneDrive, etc.)
- Main social media account (or any account with direct messages and location tags)
Quick priority check
- List which of the five categories above you use.
- Circle the email linked to most logins and password resets.
- Start with that primary email, then banking, then phone carrier, then cloud/social.
If changing passwords or settings could cause conflict, consider using a safe device and private time to make changes.
2. Strengthen Passwords on Priority Accounts
Options for making key accounts harder to access:
- Create a unique password for each important account.
- Avoid shared details someone might guess (names, birthdays, pet names, anniversaries).
- Use longer passphrases (for example: several random words together) instead of short single words.
- Update passwords anywhere you think someone may know or guess the current one.
- Do not reuse banking or email passwords on other sites.
If someone may already know your password
- Change the password from a device you believe they cannot access.
- Log out of all sessions (details below) after you change it.
- Update security questions and answers so they are not based on real, guessable facts.
3. Turn On Two-Factor Authentication (2FA)
2FA adds an extra step when logging in so a password alone is not enough.
Common 2FA options
- Text message (SMS) code sent to your phone number
- Authenticator app (Google Authenticator, Authy, Microsoft Authenticator, etc.)
- Security key (physical USB or NFC device)
- Backup codes (one-time codes you can store somewhere safe)
Steps to enable 2FA
- Open the account’s “Security” or “Login & Security” settings.
- Look for options labeled “Two-factor authentication,” “2-Step Verification,” or “Login verification.”
- Choose a method:
- If someone may see your text messages, consider an authenticator app instead of SMS.
- If you use SMS, confirm the phone number is one that only you control.
- Follow the steps to set it up and test a login.
- Save any backup codes in a safe place that others cannot access (for example, on paper somewhere private).
If an abusive person controls your phone number or can read your texts, using SMS codes may give them more access instead of less. In that case, an authenticator app or security key can be safer.
4. Remove Unrecognized or Risky Devices
Many services show which phones, tablets, and computers are logged into your account.
How to review devices
- Sign in to your account on a device you trust.
- Open “Security,” “Devices,” “Your devices,” or “Where you’re logged in.”
- Look for:
- Devices you do not recognize
- Logins from locations that do not match where you are
- Old phones, laptops, or tablets you no longer use or no longer control
What you can do
- Use “Sign out of all devices,” “Remove device,” or “Log out everywhere” if the option exists.
- After logging out of all devices, change your password again from the trusted device.
- Turn on alerts for new logins so you get a notification when a new device signs in.
Some platforms take a few minutes to sign out everywhere. You may still see old sessions listed briefly even after removing them.
5. Check Your Recovery Email and Phone Settings
Recovery details can let someone reset your password even if they do not know it.
Review for each important account
- Open “Security,” “Account recovery,” or “Password reset” settings.
- Check:
- Recovery email address
- Recovery phone number
- Backup codes or trusted devices
Options to increase safety
- Remove any recovery email that:
- Belongs to the abusive person, or
- Is shared, or
- You cannot access alone.
- Update the recovery email to one that:
- Only you can access, and
- Is not signed in on shared or monitored devices.
- Change the recovery phone number if:
- They pay for or control your phone line, or
- They know your voicemail PIN and can listen to messages.
- Review “trusted contacts” or “account recovery contacts” and remove anyone who might share information with them.
6. Lock Down Banking and Money Apps
Financial accounts often give access to spending history, addresses, and card details.
Steps for each financial app or website
- Change the password from a secure device.
- Turn on 2FA, preferably using:
- An authenticator app, or
- A phone number only you control.
- Review “linked devices,” “authorized devices,” or “remembered browsers,” and remove anything you do not fully control.
- Check “linked accounts” (for example, PayPal, Venmo, Cash App, Apple Pay, Google Pay) and disconnect any you no longer use or do not recognize.
- Turn on transaction alerts so you receive a notification for logins or payments.
Extra settings to review
- Mailing address and contact details (make sure they are current and safe).
- Shared cards or joint accounts, if reviewing them will not create additional risk.
- Any “view only” or “authorized user” access that someone else may have.
For changes that could affect shared finances or joint accounts, some people also review information from banks and financial legal resources, and may look at options listed on external sites such as https://www.dv.support.
7. Secure the Device You Use to Make Changes
Account security depends partly on the device you use.
Basic device checks
- Set a screen lock (PIN, passcode, or fingerprint) that others do not know.
- Turn off lock-screen previews for messages containing verification codes.
- Sign out of accounts on shared computers or public devices after use.
- Clear browser history and saved passwords on any device you no longer use or no longer control.
If you suspect monitoring software
- Avoid changing sensitive settings on a device you think is monitored.
- Use a different device you believe is private (for example, a library computer you do not stay signed in on).
- Change passwords and recovery options only from that safer device.
8. Ongoing Account Safety Habits
Regular, small checks can help keep accounts more secure over time.
- Review security and login activity on key accounts every few weeks.
- Update passwords if you notice logins you do not recognize.
- Remove apps and services you no longer use that still have access to your main accounts.
- Keep a private record of:
- Which accounts have 2FA turned on
- Where backup codes are stored
- Which email is used for recovery