Last night, I received an email from Facebook saying that I had registered using a particular email address. I checked out everything with the email (all the links were directed to Facebook.com, the sender was Facebookmail.com [I verified that that’s Facebook’s sending domain], and the text of the email as a whole was consistent with Facebook’s other messaging) but the email address was one I have NEVER used.
The only reason I received the message was because the address that was used goes to a catch-all junk account.
I don’t know what’s going on, but I triple checked my security settings on my email and Facebook. I changed my passwords using 1Password, which I use to generate long, strong (That’s what she said.) passwords, like this one: LptS6g[“ZPc(h4&e”WL. And I revoked access to all devices, which will force me — and any badguys — to log in again with those new passwords.
Kind of a pain, but with as much as I do online, I feel like this is the absolute minimum I can afford to do.
So, just a reminder, folks:
- Use two-factor authentication where possible.
- Use strong passwords.
- Don’t use the same password across accounts.
- Change your passwords regularly (I’m not very good about that)
And just double check your security settings to make sure everything is good. Facebook and Google are both very helpful on that front.
Be safe out there!