The student news site of de Toledo High School

The Prowler

Upcoming Events
  • June 10June 17: Summer Program Begins
  • June 2June 6: Graduation
  • June 1June 4: Lunch with the Arts: Media Arts & Film Screening
  • May 30June 2: Prom
The student news site of de Toledo High School

The Prowler

The student news site of de Toledo High School

The Prowler

How to keep your online accounts secure

A Beginner’s Guide
Cole Plager ’25
You can check if your email has been involved in a data breach by going to haveibeenpwned. This website will show the data breaches your email has been involved in, allowing you to take action.

In the 21st Century, people have become more and more connected with technology, entangling their lives in the physical world with their digital ones. Being able to protect yourself physically has always been important, and in this day and age, being able to protect yourself online is critical. 

As a kid with an interest in technology and Cybersecurity, I have talked to many people about their digital security practices. To be honest, some of what I have seen horrifies me, and don’t even get me started on the nightmare scenario – a simple password, lacking length and randomization, being reused on virtually every account the person owns, including sensitive accounts, such as online banking and brokerage accounts. If your Gmail password is “Gmail[birth year]!” and your Netflix password is “[city of birth][year of birth]!” this article is for you. 

A strong password is the crux of your digital identity. Most account takeovers don’t even happen via phishing, they happen through the use of stolen or leaked credentials. For example, let’s take a look at this “hypothetical” scenario.  At some point before April, 2019, you sign up for a Lumin PDF account using your school email, In September of 2019, Lumin PDF reveals that they had been breached back in April, but only after the sale of their internal database containing 15.5 million records of user data appeared for sale on a popular hacking forum. This breach, they report, contains Authorization tokens, Email addresses, Genders, Names, Passwords, Spoken languages, and Usernames. Unfortunately, your Lumin PDF and Google password were the same, and now hackers have breached your Google Docs account and stolen your secret diary. 

This is very upsetting and tragic, but obviously a hypothetical scenario. Password breaches are scary, especially because it is something out of your control, but by following the tips in this article, you will be able to feel more confident and secure knowing you have lessened the degree to which leaked credentials will affect your digital life as a whole. 

Tip #1: Check for Breached Passwords

You can check if your email has been involved in a data breach by going to haveibeenpwned. This website will show the data breaches your email has been involved in, allowing you to recognize the breached password and take action if you have reused the same email:password combination on other websites.

Tip #2: Learn to Create Strong Passwords

You can check the strength of your current passwords using’s free online tool, found here also includes a list of password best practices, which are:

  • A password should be 16 characters or more; our password-related research has found that 45 percent of Americans use passwords of eight characters or less, which are not as secure as longer passwords.
  • A password should include a combination of letters, numbers, and characters.
  • A password shouldn’t be shared with any other account.
  • A password shouldn’t include any of the user’s personal information like their address or phone number. It’s also best not to include any information that can be accessed on social media like kids’ or pets’ names.
  • A password shouldn’t contain any consecutive letters or numbers.
  • A password shouldn’t be the word “password” or the same letter or number repeated.

Tip  #3: Use a Password Manager

Using a password manager such as 1password can keep you safe online by helping you  generate complex, unique passwords for each of your online accounts. This method provides you with the convenience of only remembering one password (the master password to unlock your password manager), while providing the security of having multiple, random passwords which would be extremely difficult for the average person to memorize. 

Tip #4: Use an Authenticator App

Most websites allow you to add an Authenticator App such as Microsoft or Google Authenticator. This provides you with a randomly generated code every 30 seconds, and the code never leaves your device. Even if the hacker does have your valid email:password combination, they will not be able to log in to your account without your device. Instructions on how to set up an authenticator app can be found online. 

By following these tips, you can ensure peace of mind when navigating the complex world of digital security.

Leave a Comment
More to Discover
About the Contributor
Cole Plager
Cole Plager, Technology Editor
Cole Plager is a 16 year old Junior at de Toledo High School. He is interested in Cybersecurity and Technology. This year in Journalism, he will be writing about the latest advances in technology and interviewing captains of the tech industry.

Comments (0)

All The Prowler Picks Reader Picks Sort: Newest

Your email address will not be published. Required fields are marked *