The journey to consolidating your cyberself began in part one of this three-part series. In this final instalment, we present a strategy for taking control of your digital online accounts.
After finding as many accounts as I could, and let’s be real, there were probably way more out there, I began to ponder what to do next.
I was staring at a list of 300 accounts in a very nice spreadsheet (if I don’t say so myself) and estimating this would take me days to clean up. Rather than going line by line, I decided to prioritise my actions.
Reminding myself of my goals, after fathoming the extent of my cyberself, I wanted to first protect my high-risk accounts and then delete or secure any remaining accounts as applicable.
Here is the method I landed upon for consolidating my cyberself:
Step 1: Set up a primary password manager
To facilitate this you will need a password manager. There are many options available for you to choose from. They include password managers that integrate with your phone or computer’s operating system (e.g. Apple Keychain), web browsers (e.g. Google Chrome Password Manager), or even stand-alone password managers (LastPass, KeePass, Dashlane etc.)
The choice of password manager really comes down first to convenience and then preference. For example, if you use all Apple products to interact with your cyberself then perhaps Apple KeyChain is right for you. Or maybe you want something independent of the devices you are using to access your accounts for added security and maybe something like a LastPass would make more sense.
Regardless of the password manager you choose, the primary benefit you should hope to realise is the ability to create and securely store strong/complex/unique passwords for each one of your online accounts. In doing so you should also be able to stop having to remember your passwords. That is one of the advantages of a password manager.
In fact, the only password you really should have to remember is the password to your password manager. In some cases this may be simplified through the use of biometric authentication like thumb print or facial recognition.
You should consider adding multi-factor authentication to the account associated with your password manager. In the case of Google Chrome, for example, you can add many different options of multi-factor authentication such as text messages to your phone, using the Google Authenticator app, or even getting a dedicated physical token (e.g., YubiKeys) to authenticate your identity.
Step 2: Identify and secure high-risk accounts
Now that you have picked out your password manager, you can start to add/update it with your online accounts.
Start by identifying and addressing your high-risk accounts. Everyone’s definition of high-risk is going to be slightly different based on their unique cyber presence and values. In general, most people would likely identify as high risk, their primary email accounts, accounts that directly impact their finances (e.g. banking, investment, etc.) and perhaps social media.
If these are your high-risk ones, take these accounts and get them into a password manager right away. Consider changing their passwords to something ridiculous or let the password manager create and remember the password for you.
For your high-risk accounts, you should consider enabling some of that good multi-factor authentication stuff we mentioned (if supported by the platform) – most email, social media, and banking accounts should have this feature available.
Step 3: Review accounts linked to apps installed on your devices
Next, take a spin through the apps that are installed on your devices and decide whether you are going to keep them or get rid of them.
This will be a great way to declutter your devices and beyond that, protect you from any apps potentially still harvesting your data, that is if you have not already limited their access through your device’s privacy settings.
If you plan to keep an app, then get the associated account into the password manager. If necessary, update the password based on the risk of the account. In some instances, you may want some accounts to still have relatively easy passwords to make it easier to log in on other devices. A good example of this may be for your streaming services like Netflix…because who wants to spend 20 minutes typing in their password on their TV?
For each account you plan to keep, also review privacy settings on your device as well as any connected platforms that use that account. For example, if you change your Facebook password, it will do nothing to address the risk that all the platforms you gave access to your account still pose a risk by being able to read your profile data.
If you decide to delete the app then be sure that there isn’t more that you have to do beyond just uninstalling it from your phone.
You may likely need to log onto the platform’s website and request that your account and all of your data be deleted. Depending on where you live in the world, asking to be forgotten on a platform could be harder than others. The privacy policy for the website is a good place to go if a “delete my account” button is not explicitly available.
Trying to delete mobile app accounts can be one of the most time-consuming processes of all. At the end of the day, if you cannot find how to delete an account, consider adding it to your password manager and changing the password to something strong.
Step 4: Make a plan to address the remaining accounts
Hopefully, by now, you’ve made a pretty good dent on your list of accounts by following the first few steps.
However there are probably quite a few random accounts left over to address. Lucky for you, the high-risk accounts have been addressed and at this stage, you should just have the random stragglers left to sort out.
I found attempting to delete accounts completely from some platform extremely difficult. In some instances I actually found that the platform had deleted my account because of inactivity. However, in many cases, I would try to delete an account I no longer used and gave up because I could not find how or the platform just didn’t offer it.
In those instances I changed the password and/or added it to the password manager and emailed the privacy email address they noted in their privacy policy.
At the end of the day, you may make the determination to just change all the passwords and leave the accounts alone. If the account is truly low risk and has very little of your data, the cost benefit analysis would probably suggest that this is the right course of action.
Either way, create a plan for consolidating your cyberself and commit to it by slowly chipping away at the list.
You could use your email as a trigger for this – every time an email comes in associated with an account you no longer use, you could spare a few minutes to delete it. Or you could just methodically go down your list and address each account one by one. Whatever works best for you, do it, but be sure to commit to it.
Maintaining your consolidated cyberself
Consolidating your cyberself will be an ongoing effort and it will be important that you work on solidifying good habits to ensure you don’t get into the same mess you began with.
Looking back at my three original goals, I felt pretty good about my understanding of the extent of my cyberself and the security of my high-risk accounts. However, of my 300+ original list, deleting redundant accounts proved to be, as mentioned, surprisingly tricky. Getting them all in the password manager with unique passwords felt like a good position to be in.
Committing to your password manager will be key to ensure you have strong and unique passwords for all of your online accounts.
Some password managers can even monitor recently publicised breaches to check whether your username and password combination has been compromised. That’s another advantage of password managers.
Finally, try to resist the urge to install every app under the sun…especially the passing fads. It may not seem like you are putting yourself at any risk, but simple logic suggests that the more personal information you put out there, the bigger and less consolidated your cyberself becomes.
Taking control of your cyberself in this increasingly digital world is worth the effort!
