3DSC Day 22: Close Unused Accounts


Today is the third installment of what I have officially dubbed Account Security Tuesday!  Last Tuesday I asked you to set up two-factor authentication on your accounts.  The previous Tuesday I asked you to begin changing the passwords on them.  Today I am going to ask you to to take an additional step: identify and close unused accounts. At this point you may be wondering why I am so concerned with securing your online accounts.  There are a few reasons, but the most important is they are the most exposed.  Your computer is very unlikely to be breached relative to an online account that is exposed to thousands of hackers every day.

Most of us probably have an old account or two that we don’t log into any longer.  It might be an old email account, that cobwebbed MySpace page, or an abandoned bulletin board profile. It might be a bank account you no longer use, or an ecommerce account you set up for a onetime purchase. Regardless, if we used accurate information in the account it is still out there and still at risk.  In fact, it may even be at greater risk since you aren’t logging in regularly and monitoring it.  Let’s fix that.

Two weeks ago I asked you to begin changing your passwords.  The ones that have changed are probably in your password manager now.  Any account that you have not logged into in the last two weeks is possibly (probably?) not one that you really need.  I’m not making judgments on what you need and don’t – that is up to you.  All of us also probably have a few accounts that we only log into monthly.  However, if it isn’t necessary, and if you can, close them.  Two resources that can help you close unused accounts are Account Killer and Just Delete Me.

If you can’t close and old account, there are still some steps you can take to improve your security.  First login and change all the information to false information.  Your name, birthday, your hometown – everything EXCEPT your email address (we will deal with that next Tuesday.  In the meantime you still want to be notified if a breach occurs or someone attempts to log into your account).  If you can delete or unlink content like photos, blog posts, etc., do it.  Next, secure the account with a good, strong password, and if possible, two-factor authentication.

Leave a Reply