TIME Security

What to Do After the Massive Yahoo Hack

How to protect your account

Yahoo confirmed Thursday that at least 500 million usernames and passwords were stolen by hackers back in 2014. The company isn’t saying who exactly is behind the attack, blaming an unnamed “state-sponsored actor.”

If you have a Yahoo account, what should you do now?

First, log in to your account and change your passwords. Never use the same password for more than one site — if you’ve been doing that, the hacker(s) who attacked Yahoo could use that password to gain access to your other accounts across the web, so change your other passwords too.

If you have trouble remembering more than one password, consider a password management program like 1Password or LastPass. (These programs can also generate secure passwords that are a jumble of letters and numbers, which are harder to guess than passwords you might think up on your own.)

Second, turn on two-factor authentication for your Yahoo account. This will require you to have your smartphone handy when you log in to your Yahoo account, meaning a hacker will need more than just your password to get access. Here’s how to do it.

Third, consider using Yahoo’s “Account Key” feature, which replaces written passwords with a smartphone app. It’s like a souped-up version of the step above. Here’s how to do it.

Fourth, be on the lookout for signs of credit card fraud, identity theft, and so on. Check your statements regularly. And be extra wary of any emails or phone calls seeking your personal information, as these could be attempts by hackers or their customers to gain more information about you.

Hacks like these are a good reminder of how important it is to practice good password hygiene. It’s generally a good idea to be constantly changing your passwords, using password managers and turning on two-factor authentication whenever possible for any service you use.

Your browser is out of date. Please update your browser at http://update.microsoft.com


Dear TIME Reader,

As a regular visitor to TIME.com, we are sure you enjoy all the great journalism created by our editors and reporters. Great journalism has great value, and it costs money to make it. One of the main ways we cover our costs is through advertising.

The use of software that blocks ads limits our ability to provide you with the journalism you enjoy. Consider turning your Ad Blocker off so that we can continue to provide the world class journalism you have become accustomed to.

The TIME Team