I'm sure most of you know about the Gawker breach, where hackers were able to get in and steal commenters' passwords and e-mail addresses. Recently they posted a how-to guide on using a tabula recta for password security. I'm sure that wasn't a coincidence.
The truth of the matter is, you are responsible for your own security. And if you don't have an ancient codebreaker handy, here are some general tips for keeping your accounts safe.
1. Use a different password for different sites. Always. Unless it's a throwaway account you don't mind losing (or having another person control), keep your password different each time.
"Yes, but how am I going to remember them all?" you ask. Well, there are options like KeePass, or, if you want to do things old-style, just use a system you'll remember. Make sure your passwords are complex, using both letters and numbers--as well as punctuation, if you can. A mix of upper- and lower-case letters is always a plus. Never make your password a simple word.
2. Delete credit card information from sites you don't use anymore. And don't use a debit card on the Internet--those aren't as secure as credit cards when it comes to fraud protection.
3. Keep your recovery information for your most important accounts up-to-date. If you have a main e-mail address with a secure password, don't have your "recovery e-mail" be one that's easy to access. If you lose access to a main account and don't know the recovery address, or it's since been deactivated ... also bad.
4. "Security questions" are a really good back door for people to get into your accounts. Don't choose the question "What is your mother's maiden name?" or "What is your favorite book?" and answer it truthfully. Instead, choose something no one else would really know. Maybe answer "What is your mother's maiden name?" with the maiden name of a character in your favorite book, or "What is your favorite color?" with a favorite movie that has a color in the title.
Make sure no one would be able to guess your answer, and that you'll remember it. Easier said than done, of course, and I sometimes wish security questions were optional, but if your password is secure this will just be additional protection. (And don't use the answers here--use unique ones.)
5. Most people don't think of this, but put a numerical lock on your phone, iPod touch, or other device you take with you outside of your home. It's no use having a super-secure e-mail address if you're logged into it on your unsecured iPhone and someone swipes it.
6. Don't sign up for an app on Facebook just to view a video or read some kind of post you see on someone's status. More often than not, your friend didn't post it--an app took control of their account and set it as their status. As a rule, I don't add apps at all, but if you want to use them, google them first to see if they're safe.