How to keep your cloud accounts secure

The cloud can be a wonderful thing. It’s a place where you can store your files then access them from any device. But it can also lead to disastrous situations.

Oscar-winning actress Jennifer Lawrence and many of her peers had nude photos posted on the Internet this weekend, and some believe the hacker got hold of them by breaking into the actresses’ cloud accounts. That’s certainly what Kirsten Dunst, one of the victims, is placing the blame on.

As we’ve seen all too often lately, nothing is unhackable, and when you use a cloud service, you’re trusting that another entity will do its best to keep your files protected. You have no control over how Apple, Dropbox, Google and others secure their cloud services, but you can add extra layers of protection by taking some simple measures:

Use a complex password: If your password is “12345" or “Jesus1,” you’re begging to be hacked. Your password should resemble something along the lines of “JjW4Tt1stH3be3*st.” Your password should not contain words found in a dictionary, it should use lower and uppercase letters, it should contain numbers, and if possible, it should include symbols such as #, % or ^.


Use different passwords: Having a complex password isn’t enough. You need a different password for each account you have; otherwise, if a hacker gets hold of one password, he or she could use it to break into other accounts that use the same login information.

Use a password manager: Remembering complex passwords for each of your accounts is nearly impossible. One solution is a password manager, a service that generates incredibly difficult-to-crack passwords for each service you use and stores them in one spot. That way, you only have to remember one complex password -- just make sure no one ever learns your password manager’s password or all of your accounts could be compromised.

Two recommended services are 1Password and LastPass. Both may cost you some money, but they’re worth it if you’re serious about security.

Enable two-step verification: Besides passwords, you can add more protection by turning on two-step verification. This will require you to enter your login email, your password and a special code sent to your phone in order to access your cloud service. Two-step verification makes logging in a bit more cumbersome, but it gives you a second key that only someone with access to your phone can get.


Most cloud services offer two-step verification, and it can usually be enabled by going to the security portion of your account settings. You can also search Google for “enable two-step verification” followed by the name of the service you use.

Turn off automatic backups: Many cloud services come with automatic backup features turned on by default; most users don’t know about it. These features might upload pictures you take on your phone to the cloud or create entire backups of your phone so that you have a second copy in case you lose the original. These features can be helpful, but they can also be damaging. Fortunately, you have the option of turning them off.

You can usually turn off these features by going into your service’s settings. If you’re having trouble turning it off, search Google for “disable automatic backup” and the name of your service.

Do not upload anything you wouldn’t want to end up on TMZ: Avoid the fate of Hollywood starlets and do not upload anything to the cloud that you wouldn’t want splattered across the Web. Of course this includes nude photos, but it also goes for other types of files, such as your financial documents.


If you don’t want those files exposed, keep them off the cloud, and delete them when you’re done with them. If you absolutely need a copy of the file, keep it on your computer or on a physical, external hard drive that only you have access to. But remember, nothing on the Internet is unhackable.

Follow me on Twitter: @sal19