Speak Up & Stay Safe on FeministFrequency is another good resource.
These steps will prevent people from breaking into your accounts by exploiting weak passwords or weak storage.
Remember that even if you have good passwords, most people re-use passwords. So if you use the same password for your e-mail and some random website, and the random website gets hacked, the hacker now has your e-mail and the password.
- Download 1Password or something like it
- Come up with a good master pass-phrase that can be typed like an English sentence (like "This is my password.")
- Use 1Password's "Password Generator" to create long, complex, unique passwords for all social media accounts. This will probably take anywhere from a few hours to a few days depending on how many accounts you want to secure.
- If your accounts support "Two-Factor Authentication", use it. It means you have to get a text on your mobile phone to log in to an account. You can also use Two-Factor Authentication (or "2FA") mobile apps that let you authenticate even if you don't have a mobile data connection for text messages.
Now you want to make it more difficult for stalkers, identity thieves and trolls to collect your information. In this step, you have to think like a stalker so you can stay a step ahead of them by removing as much information about yourself from the internet as possible.
- Make a list of every e-mail and username you've ever had. Try searching through your e-mail history if you're having trouble remembering.
- Set up Google Alerts for your name, your e-mail, your phone number, and all of the usernames: https://www.google.com/alerts This way you'll be notified if your personal information is posted online, or if someone re-publishes something that you missed.
- Do searches for your e-mail, your usernames, all variations of your real name, and your phone number. Try to delete old accounts. Contact webmasters and ask them to remove you.
- Once you've removed your information from a site, re-do the search that located it. If the old information is still appearing, submit a removal request to Google: https://www.google.com/webmasters/tools/removals?pli=1
- Remove your birth date and location from all social media.
- Deactive geolocation on all social media sites.
- Set a five-minute screen timeout on all of your devices, with password protection. Otherwise, any stranger who recognizes you could easily pick up your phone when you walk away for a few minutes and grant themselves access to your accounts.
- Install Prey or similar applications on all of your devices so they can be remotely disabled and tracked if stolen.
- If you use Internet Explorer, switch to Firefox or Chrome instead. IE is built-in to Windows, so it's easier to exploit than other browsers.
- Don't trust phone numbers that aren't in your phone memory. If your credit card calls you and asks you to verify your credit card number, ask them for a reference number and then call them back using the number on your credit card.
- Consider switching to a "Voice-over-IP" service like Google Voice, which allows you more fine-grained control over blocking numbers.
- Create anonymous burner accounts when you ask questions about company-specific issues online. For example, if you want to post a question about your Chase bank account, don't do it under a name that can be traced back to your identity. If a hacker knows your name and knows that you use Chase, they can call Chase customer service and trick them using other publicly available information about you.