Maintain a secondary email account, preferably on a different provider from your primary email.
If something happens to your primary, you can use the secondary to send critical messages until
you fix the primary.
Don't ignore the account-recovery settings on your accounts, or put bad data in there.
Sure, you'd rather not let Google or Yahoo or Facebook know your phone number or your second email address.
But that information can save you if their security triggers get pulled for some reason.
You travel, you try to access your email from laptop or internet cafe (seems not to happen when accessed from phone),
you get "hey, we see a login attempt from a new country,
we're turning off account access until you give us the code we're SMSing to your phone or emailing to your other account".
Better hope you've kept the account-recovery options up-to-date.
From DrStephenPoop on reddit
Tienlon Ho's "Can You Live Without Google?"
> BACK UP YOUR DATA
And not just what's on your hard drive.
trust the cloud!
Google recently ended my account for an unidentified TOS violation. I am not sure what I did.
I just logged into gmail one day and instead of an inbox I saw a message saying my account had been disabled. I lost:
8 years of email contacts
6 years of favorited YouTube videos
About a dozen videos I made with my brother that were uploaded to YouTube.
All my Drive/Doc files including original writing.
My passwords to several sites, including banking and insurance sites.
Three albums I had purchased from Google Play.
Here's the kicker: I was a google believer. I am one of the 5 or so non-developers who actually owns a first generation Chromebook.
I believed in the cloud!
Use and enjoy Google's services, but do NOT rely on them. Even though you buy their computers and purchase music from them,
you are STILL not the consumer with google. You are the product (sold to advertisers).
So when you are shut out from their garden, you have no customer service to appeal to, or to even
find out why you got tossed. You might as well be staring at an angel with a flaming sword, wondering where your pants are.
> Didn't you contact Support ?
When you get the "your account has been disabled" screen, they give you a link to voice your grievance.
After submitting, you get a message that says something to the effect of:
"If we find we have reason to contact you, we will contact you."
You can also go the community forums and plead for help. Sometimes someone associated with google
will actually say: "I'll have people take a look at this." In all my pleas, I never got a response.
That is as far as support goes. You are not a customer. You are the product, and you are merely a commodity.
Have you ever heard of "commodity support"?
From someone on reddit
A few days ago my Facebook account was disabled suddenly and without warning.
I've gone through what I thought was a fairly routine appeals process - filled in the form they link
you to when you try to log in and included a scan of my photo ID as they requested to prove I'm a
real person etc. However, I just received an email from Facebook saying the following:
> ... Upon investigation, we have determined that you
> are ineligible to use Facebook. ... Unfortunately, for
> safety and security reasons, we cannot provide
> additional information as to why your account
> was disabled. This decision is final. ...
This is really bizarre and quite upsetting - it's easy to forget just how much we rely on this service.
If I can't get my account reactivated, that's six years of content (and memories) lost,
and a huge blow to my ability to keep in contact with some friends and family.
The only possible reason I can think of for my account being disabled is what I was doing at
the time - sending some photos to someone through the private messaging system.
Some of the photos were (mildly) adult in nature (at her request!) which could be deemed
a breach of the Community Standards if you look at it in strict black and white terms
("Facebook has a strict policy against the sharing of pornographic content").
However I can't bring myself to believe that there is someone monitoring private message
attachments and instantly banning people if they see boobs. Beyond that, I genuinely
can't conceive of a reason as to why my account was singled out for anything.
Any advice would be appreciated as to what I should do next - I am not yet willing
to just give up and lose all of that content. I have replied to the email, though I
doubt anyone will read it, but beyond that there's really no other contact options
I can see, and Googling this problem does not produce much beyond more horror stories like this.
From sugarbreach on reddit
I am writing this to warn Google users to back up their data, and to realize that everything
you take for granted can be taken away in an instant.
About a week ago I attempted to log into my Gmail account and was greeted with a page
saying my account was disabled. It says that it was disabled due to a perceived violation
of the terms of service and product specific polices. I have read and reread the google terms of service,
and I know I haven't done anything to violate them. The only possibility I can think of is that someone
may have hacked into my account. I have been an enthusiastic gmail user since it first came out in beta,
and you had to be invited to get an account. I have relied on google apps to make my life easier.
I have filled in their account recovery form, and even tried calling members of the Gmail team, but have had no luck.
I also have posted on the gmail help forum, but an expert there said he contacted google and there was nothing
he could do and google wouldn't tell him anything "for privacy reasons".
This has created the ultimate real-life nightmare, and has turned my life upside down, a few examples of which are listed below.
All of my contacts were linked to this account. I now do not have access to emails, phone numbers, addresses, etc.
My google voice telephone number is no longer working. I had this phone number on my business cards and email signature,
and now when someone dials the number, they are given an error recording. "We could not complete your call, please try again".
My youtube account with many videos I cherished of my children are now gone.
I have all of my photos backed up to the account for nearly my entire life, as I thought this was the safest place to keep
them (the cloud!) I have photos of my beloved grandparents who have since passed away, and the thought that I can no longer
access these photos makes me sick. I also have thousands of pictures from vacations and of my children that I fear are gone forever.
A nice chromebook that I purchased to access all of the google apps is now almost useless since my account has been disabled.
I have multiple documents in my google drive that I have spent hours of work on, and can no longer access them.
I placed an enormous amount of faith and trust into google's products and services, as millions of people have worldwide.
It is a shame that something this important in someone's life cannot even warrant a response from a live person at Google.
I have been very depressed because my entire life was encased in google's products, and now everything is gone.
Again, I am writing this to warn others that this can happen to anyone at any time, so it would be wise to back up treasured
items in your google account. Ironically, google provides the means to do this through their "takeout" app, which I did not
learn about until after my account was disabled. If there is anyone out there reading this that can offer any guidance
for getting my account reinstated, I would sure appreciate it!
If you lose a cloud account, you can lose stored data, remaining time on a subscription, any accumulated credit or gift cards, network link that
makes some device (such as Amazon Echo) work.
Maybe some people don't consider their email to be "cloud data", but it is. If you're saving 10 years of past
emails in GMail or Hotmail or something, it may be valuable to you, and it may be used by a hacker if your account gets hacked.
It's also hard to back up. I'm a big believer in keeping your email account as close to empty as feasible.
Clean it out !
Apparently, automatic cloud backups of your phone data can expire and be deleted
if you don't
use your phone for many months. Android backups in Google Drive Backup are deleted if you don't use
the phone for 2 months ? iPhone backups in iCloud are deleted if the iCloud account is not used for 6 months ?
Do "backups" of old non-electronic data, such as family photos and diplomas and such. Scan them
and back up the images.
Do a "backup" of your own memory: in a simple text file, write a summary autobiography.
Dates and places you lived, went to school, worked, traveled, etc. Names of friends, roommates, coworkers, etc.
Memory fades over time.
Jon Christian's "Deleting the Family Tree"
DanDeals' "PSA: Don't Mess With The Google!"
Alex Hern's "Pixel phone resellers banned from using Google accounts"
"A few reasons not to organise on Facebook"
Eric Griffith's "Back Up Your Cloud: How to Download All Your Data"
Adam Dachis's "How to Protect Your Data in the Event of a Webapp Shutdown"
And of course back up your local data, not just your cloud data.
How-To Geek's "What's the Best Way to Back Up My Computer?"
Eric Griffith's "The Beginner's Guide to PC Backup"
/r/techsupport's "backuptools wiki"
[Generally from most likely to least likely:]
Sean Gallagher's "How I learned to stop worrying (mostly) and love my threat model"
Wired's "Guide to Digital Security - Choose Your Security Profile"
- Your own actions. (The biggest threat of all. You accidentally post something private in the wrong place,
expose a password, mis-configure your device or account, drop your device,
lose your device, accidentally delete your data, trust a scammer.)
- Your family, friends, associates. (They post about you, snoop on you, accidentally leave your house or car unlocked,
mis-configure their device, drop your device, accidentally delete your data, trust a scammer. They expose their Contacts list, which contains
your name and email and address and phone number and birthday. They tag you in Facebook photographs, or
mention that you were with them at some wild party.)
Your browser history
- Your ex-spouse, former friends who now are enemies, former coworkers who you fired or angered.
(They may be highly motivated, but probably don't have access or skill to cause high-tech harm.
Unless you forgot to change the passwords they know. But they may have private info they could post.
Cyrus Farivar's "If you're a revenge porn victim, consider this free, helpful legal guide")
- Your software. Some application or web site you use may be sending your data to somewhere
else that you don't know about (some apps harvest your email address book or phone contact list or Friends list).
Or storing your data in an unsafe way in a server.
- Corporations selling your meta-data or data to advertisers.
- Corporations reading your data to enforce their contract rights (terms of service) and maybe look for criminal activity.
- Organizations accidentally exposing data you've entrusted to them, through careless practices or by getting hacked.
- Data criminals and hackers. (Identity thieves, credit-card thieves, blackmailers, ransomware, etc.
Hackers who want to use your device as part of a botnet or coinmining network. And you may be a special target if you
have something valuable on your computer:)
Laura Shin's "Hackers Have Stolen Millions Of Dollars In Bitcoin -- Using Only Phone Numbers"
Alex Hernandez's "Chase eATM user has mobile app hacked and loses $3,000"
- Casual snoops or thieves. (Although with snooping software, "casual" capabilities are increasing.)
- Law enforcement (recording everyone's activity, such as cell-phone locations and car license plates).
- Internet vigilantes or lynch mobs or public shaming.
(E.g. someone decides a picture shows you abusing your dog, and whips up a mob to punish you.)
- Private investigators and lawyers. (They have some access to government databases and powers.)
- Law enforcement (specifically targeting you).
Jonathan Zdziarski's "Protecting Your Data at a Border Crossing"
Andy Greenber's "A Guide to Getting Past Customs With Your Digital Privacy Intact"
EFF's "Digital Privacy at the U.S. Border: Protecting the Data On Your Devices and In the Cloud"
- Foreign government intelligence agency. (Highest technical ability, but no legal authority.)
- Government intelligence agency. (NSA, DHS, etc. Highest technical ability, PLUS legal authority.)
No matter what protection you propose, some people will say "oh, the NSA has cracked that !". First,
how do they
know ? Second, a counter-measure still may be worth using even if the NSA could crack it;
NSA is not the only threat or main threat. Third, just because NSA could crack something, doesn't mean they
would spend the resources to crack your
And some people say "trust no one !". Well, I think it is reasonable to trust the CPU chip vendors,
and the compiler-writers. I don't see how useful "backdoors" could be built into those things (and I have BS and MS
degrees in Computer Science). Trusting the OS vendors
is a little more dubious; I guess I trust the basic OS, but maybe not all of the standard apps and services
supplied with them. Same for trusting browser vendors.
Of course, if you trust no one
, you'll never be able to get anything done.
Can't drive my car, because I shouldn't trust the manufacturer.
Better not eat anything, because I shouldn't trust the food companies or stores.
Some people say "it's all over, we've lost our privacy, it's done". No, it's an arms race,
and right now consumers don't have very good weapons. We need to get convenient, good, routine encryption.
We need more sites, applications, and protocols designed with security and privacy as priorities
from the foundation up. Maybe "mesh" networking, peer-to-peer systems, distributed systems
("6 Anti-NSA Technological innovations that May Just Change the World"
We in USA need better regulation of spy agencies, via FISA and Congress.
It's not over. You're generating new private data every day; you can protect that.
And you can create fake data.
A worrisome trend: intelligence agencies being pressed to use their powers for non-intelligence purposes.
From Alex Hern's "David Cameron: GCHQ will be brought in to tackle child abuse images"
"GCHQ [the British intelligence agency] will be brought in to tackle the problem of child abuse material
being shared on peer-to-peer networks."
From NSA spokesman quoted in Barton Gellman and Ashkan Soltani's "NSA collects millions of e-mail address books globally"
"[The NSA] is focused on discovering and developing intelligence about valid foreign intelligence targets
like terrorists, human traffickers and drug smugglers."
Eric Boehm's "Reuters: Law enforcement use info from NSA phone database to go after common criminals"
Conor Friedersdorf's "The NSA's Porn-Surveillance Program: Not Safe for Democracy"