Recommendations for Protecting your security

Make sure that software or server where email is hosted is up to date (example Microsoft exchange email servers were affected by some hacks earlier this year https://www.zdnet.com/article/everything-you-need-to-know-about-microsoft-exchange-server-hack/ )

Never use the same email password combination on different websites (Example do not use the same email pass on Linked in, Facebook, or any other website. A few years back all LinkedIn and Facebook accounts were hacked so if that other service/website gets hacked you are risking somebody accessing your email)

Use 2FA if possible (do not use retrieve code via email in this case, rather use SMS or Authenticator apps)

Be careful of suspicion emails or phishing emails (Usually those emails have some links and text where it says something like: Please verify your email and link is to the phishing website, or often they say something, you are at risk for your email to be turned off unless you verify here). This is the most common practice of stealing peoples email addresses/passwords

Regularly check rules in your emails server (often if you already got hacked, what happens is that hackers put an automatic rule to forward all your incoming and outgoing email addresses)

If possible I often like to put rules in place where you are able to login to an email server from a certain country (for example, all email users are from Sweden, in that case often I put restriction that you can only log in via Sweden)

Use strong passwords:

• a strong password is not qwer1234 or asdasd or including word test or demo

• or p@ssword

• or adding ! at the end of the pass just because software asked for a character or changing a with @ sign

• it is not your name or the name of your kids

• it is not the company name

• it is if it has more than 8 chars

• it is not a dictionary word

If possible use brute force protection on the email server