Originally Posted by
CrazyEddie
Sorry for your situation and I hope it works out. Thanks for the post, as I had always thought of DL as a lower tier security level (thinking "what, is someone going to book a flight for me?") and had not, for some reason, thought that SMs could be stolen. I took the opportunity to increase the complexity of my PW.
Complexity alone is essentially worthless. You need to ensure that you have long passwords before you worry about complexity. The length is what increases the entropy, or the difficulty of guessing all of the possibilities. If you want to understand more, you can get a quick explanation here: passwordstrengthcalculator DOT com. The calculations are probably outdated in terms of current processing power, but the math behind it is still accurate. You can also watch Lorrie Faith Cranor's TED Talk called "What’s wrong with your pa$$w0rd?"
You need to use a password manager for all of your accounts so that you never have to remember them, which allows you to use unique passwords that are the maximum length possible. You can use diceware to generate long passphrases that are easy to remember for the master password to your password manager. The password manager encrypts all of your passwords end-to-end so they can be stored safely in your phone and/or computer, as well as synced to the cloud. The cloud storage never sees the cleartext passwords.
Your password manager and each individual account should also use multi/two-factor authentication. Even if someone steals your password, they still need something else (e.g., your phone) in order to access your account. Unfortunately, Delta still doesn't offer this basic feature that provides you with exponentially better account security.
Once you're using a password manager, you can easily lie when answering security questions because you no longer have to remember your answers. Most security questions are easy to hack because that information can be gathered online. Use a random phrase generator to create your answers and then store them in the password manager.
Always use a VPN when connected to the Internet, not just when you're using WiFi. VPN services are cheap and most allow for multiple devices per account.
Treat your boarding passes like credit cards. They have a lot of unencrypted personal information encoded in them. Try using a barcode scanner app and see for yourself. Don't throw them in the trash; shred them at home.
One last useful tip regarding travel security, never post anything about your current or future whereabouts on social media. No one needs to have a minute by minute account of your life. If you must share your travels, wait until you're home to recap everything. You're only telling everyone that your home is likely unprotected for however long you'll be gone.