Dos and Don’ts for Protecting Your Personal Email Account

If you think about the number of emails you send and receive each day, it adds up to a great deal of exchanged personal information. Not only do we write back and forth to friends and acquaintances via email, but we also conduct personal business with banks, credit card companies, charities, and more. This means we transmit and store a host of personally identifiable information—our full names, birthdays, account numbers, receipts, medical correspondence—in our email accounts.

If a clever hacker were to gain access to your email account, how much of your confidential information would be vulnerable? To help protect your information from the many cyberthreats that exist, here are some important dos and don’ts.


Do

  1. Wait until you’re on a private, secure network to access, send, or read email messages that contain sensitive information.
  2. Audit your messages.
     a. Retain as little information about yourself as possible in your account so that a potential hacker couldn’t obtain enough personal data to con you (or those you know) or to steal your identity.
     b. Regularly clean out your messages from your inbox. This is particularly important if you have opted for paperless billing and statements from your financial institutions. A best practice is to delete the pertinent emails once you take care of any online financial business.
     c. Regularly delete items in your Trash and Sent folders.
  3. Use a strong password, which makes it much more difficult for intruders to access your account. A strong password has at least eight characters; contains a mixture of numbers, upper- and lowercase letters, and special characters; does not contain words in any language, slang, dialect, or jargon; and is not based on anything personal, such as your pet’s name or hometown.


Don’t

  1. Check your email on a public Wi-Fi network. Hackers have ways to sniff out your activity more easily on public networks so that they can read your emails, dig around in your account, and even see what you enter for your password when you log in.
  2. Use the same password for different accounts. When you open an online account with a company, the company will likely use your email address as your username for the account. Because so many organizations follow this practice, if a cybercriminal were to obtain your personal email address, they could be a giant step closer to accessing your online “world.” The cybercriminal might then attempt to determine your password and break into your various online accounts. Play it safe and create a different password for each online account you open.


Use Multifactor Authentication (MFA)

Although a strong password is your first line of defense against hackers, a username with a strong password may not be enough to ward off criminals. Hackers’ tools and tactics are becoming more sophisticated by the day. This is why you should use multifactor authentication, which adds another layer of verification. After logging in with your username and password, a code will be sent to your smartphone, which you’ll need to provide before you can access your account. So, even if your username and password are compromised, a hacker couldn’t readily access your email account unless they had your phone in hand.

If you have any questions about the information shared here, please feel free to call or email our office