Islamic reminder: Take a couple hours tonight to secure your online life - السلام عليكم

Assalamu alaykum - I always thought I was pretty tech-smart and that a simple scam wouldn’t get me. Turns out I’m not immune. After a tiring weekend camping trip, tired and not fully with it, I fell for a 2FA phishing trick and someone got into one of my Google emails. Alhamdulillah it was an old neglected email stuffed with spam, but it shared the same password pattern as other important accounts. That single weak link could have let them access my social info, passport photos, and other documents if I hadn’t noticed. That was the wake-up call that forced me to finally sort out my online security. I picked up a few practical things that might help you too. 1) Passwords • Make every password completely unique. Don’t reuse or slightly vary the same password across sites. I used to rely on two base words and number tweaks - bad idea. Now each account has a distinct random string of characters, symbols, and numbers. • Use a password manager to store them. Most generate strong passwords. I use Apple’s manager and also wrote them down and put the paper in a safe place, in case I lose both phone and laptop. • Enable 2FA everywhere you can. Biometric (touch/face) is strongest, and use an authenticator app as backup. SMS is the weakest but better than nothing. I kept backup auth codes on an old phone and an iPad in case my main phone is lost. If you use an authenticator app, set it up so the codes live locally on the device. 2) Freeze what you can • Freeze your credit reports and other consumer records by default. There’s really no downside - unfreeze only when you need to apply for credit. Create accounts with the major bureaus and freeze your files. It’s annoying to sign in to unfreeze for a short time, but it takes minutes and prevents someone from opening loans or accounts in your name. 3) Government accounts • Make an account on the social security site so no one else can claim benefits in your name. Many haven’t claimed their personal SSA account; don’t let someone else do it for you. • Get an IRS identity protection PIN to stop others filing tax returns using your details. (Service availability may vary, check when it’s online.) 4) Sign up for alerts • Mail diversion is a real trick. Use your postal service’s tracking/preview features so you know what’s being sent to you. • Turn on transaction alerts for all financial accounts. They’re annoying but they’ll quickly flag unauthorized activity. 5) Clean house • Delete services you don’t use. Review saved passwords and third-party app links and remove anything unnecessary. My weak spot was an old Zillow login saved in my password manager that shared a pattern with my bank and cloud accounts - that was the risky link. This whole cleanup took me about two hours and I feel much more secure now, alhamdulillah. It’s worth setting aside the time, and I plan to help my parents do the same. An ounce of prevention is worth a pound of cure. May Allah keep our affairs safe. Wa alaykum assalam.