We have seen a lot of cases where the company can’t find out the real account owner. Your account got hacked or your friend changed the email/number/pass and now you can’t access it. This happens a lot in the gaming community with steam accounts.
So What Makes an account yours anyways? and how to protect yourself from account theft?
Email
The #1 point of contact will be the email you signed up your account with, everything else will be used to add credibility and layers of security over the email.
You can check if a particular email/pass is out there in the wild, if yes its burned and you shouldn’t be using it now.
Your email account itself should be made highly secure via password memorization and 2FA. If you loose access to the email, you won’t be able to reset the password.
Mobile Number
This will be the second point of contact. I wrote about this here:
You can check if a particular number is out there in the wild, if yes its burned and you shouldn’t be using it now.
https://cybernews.com/personal-data-leak-check/
Password & 2FA
This is not a point of contact but a way to authorize that it’s really you. I wrote about passwords here:
When you register a site for 2FA, you get backup codes
My advice is to divide those codes in 3 equal parts then store in
Encrypted drive (Veracrypt)
Write it in a diary
Encrypt it and store it in cloud/email
Backup your 2FA app and store it on pc weekly.
Gov. ID
Unless its a financial institute, it shouldn’t be asking about a gov. id. but this is the easiest way to verify a person’s identity and hence ownership. So social media companies use this but you should be very careful when you are handing over such critical information. In most cases, you shouldn’t.
Billing Info
You will be doxxed the moment you put your billing info in, but if you want a link between you and the account, this is a solid way. I wrote about anonymous ways to pay here:
Country & IP
At the time of signup, a record will be made and your account will be locked to a country X as its place of operation. Changing the country in the account in most cases will still be a 2nd country not the primary.
Devices
If you use social sites, you know that a device can be used for 2FA purposes. Hence the more devices you have the account on, the better.
In Android, you can create profiles.
In Firefox, you can create containers.
In Windows, you can create sandboxes.
In linux and Mac, you can create users.
IOS is lagging behind this but it may be introducing such things via Managed Apps and Devices.