Labels

BeSafe: Phone, E-mail, Passwords Secured

CZ | DE | PL

Today, we all use the internet for banking, social media, news, and shopping. Yet most people only address security when it is too late. This article is the first part of the "BeSafe" series, which will show you why ignoring online security is a mistake and how to avoid these problems. Therefore, it is wise to pay close attention to this article and go through it thoroughly.




Most of us encounter news on TV or the internet daily like: passwords leaked from this or that service, someone was robbed of their life savings, someone fell for a fraudulent email or SMS. And many people say to themselves at that moment: "It can't happen to me, I'm careful!".

But then, one well-thought-out, sophisticated scam targeted directly at a specific person is often all it takes, and suddenly it happens to them too. Not because they are foolish, but because attackers today are very resourceful and work with emotions, trust, and human inattention.

The truth is simple: none of us are 100% safe unless we actively take an interest in our digital security and try to secure what can be secured.

Some people try to protect themselves by deleting or deactivating Facebook, WhatsApp, Instagram, TikTok, Telegram, or other platforms. Often with the feeling that this makes them safe. But unfortunately, that is a mistake. Simply deleting an account does not mean that no data about you exists on the internet.

You may have heard the term "shadow profile". For example, Meta (Facebook, Instagram, WhatsApp) can create basic profiles even for people who do not use Facebook at all. It is enough to visit an e-shop or a website that has embedded elements of this social network, such as a "Like" button, "Share" button, or other tracking code. Even without any interaction, technical information begins to be stored: device type, browser, IP address, approximate location.

Messaging apps work similarly. Even if you don't use WhatsApp, Telegram, or another service yourself, they may have indirect information about you because someone in your family or friends uses it and allows the app access to their contacts. This creates more "shards" of your digital footprint.

It's not about someone knowing that a specific person bought a specific washing machine. It's about systems creating technical identities, anonymous IDs, under which information about behavior, devices, and movement on the internet is stored. Once you create an account, the data can be linked.

And it's not just about Meta. That is just the most visible and frequently mentioned one. Similar principles work across the entire internet. Although today, thanks to the European Union, there are stricter rules and greater pressure for transparency, one thing remains the same: what you put on the internet once leaves a trace.

But this article is not about scaring you or saying you should stop using the internet or modern technology. On the contrary. It's about how to behave on the internet safely, responsibly, and with common sense, because you never know when and how someone might misuse your digital footprint, whether against you personally or as part of a scam.

#besafe

Phone number: the most valuable key to your digital identity

Most of us have our own phone number to stay in touch with family, loved ones, friends, employers, authorities, or various services. To put it simply: a phone number is our digital signature today.

There are various ways to obtain a phone number. Either through a plan with an operator or by purchasing a prepaid SIM card. You can have it registered to a specific person or use it anonymously. In some countries, anonymous SIM cards no longer exist at all, and registration with an ID card or other document is required upon purchase. This has its reasons—fighting terrorism, crime, or fraud—but it also shows what a crucial role the phone number plays.

Whether you have a plan or a prepaid number, one thing is certain: it is very sensitive data. We use our phone numbers to communicate not only with family but also with doctors, authorities, or companies. It is often our primary contact detail because it's faster to call or send a message than to wait for a letter.

The problem begins when we give our number "everywhere"

However, today a phone number is not used just for communication. We use it when registering for:

  • Email services
  • Social networks
  • Messaging apps
  • E-shops, contests, loyalty cards
And this is where the problem begins. We entrust our number to dozens of services, and not all of them are sufficiently secured. Yes, the responsibility should lie with the providers of these services. But the reality is that when a leak or misuse occurs, it will mainly affect you.

Therefore, it is important to ask:
  • Do I really need this service?
  • Is it necessary to enter a phone number?
  • Isn't an email or an authentication app enough?
For some services, a number is essential, but elsewhere there are safer alternatives. If you already enter your number on social media, for example, never leave it publicly visible. Use it only for account verification or recovery.

How a public number becomes an ideal target

Imagine a simple situation. An attacker finds a public profile on a social network:
  • First and last name
  • Public phone number
  • Date of birth
  • Schools attended, employment
  • Location where the person moves
  • Currently ongoing vacation
  • Photos of children, pets
At that point, they have a perfect foundation for a scam. They call, act confident, address you by name, mention your place of residence or children, and you automatically gain a sense of trust. Not because they are trustworthy, but because they used information that you published yourself.

Under such stress, a person often doesn't even realize that the caller:
  • Did not state the company name
  • Is pushing for a quick decision
  • Is asking for sensitive data
And yet, the whole problem arose "just" from poor privacy settings.

A phone number can be misused even without your SIM card

Today, unfortunately, it is no longer true that an attacker must have physical access to a phone number. There are techniques where one can:
  • imitate calling from your number (spoofing)
  • attempt account recovery via SMS
  • misuse the number for targeted attacks
Technologies are fast and convenient, but at the same time dangerous if we handle them carelessly.

Some people therefore use two SIM cards:
  • One private number for banks, authorities, and family.
  • A second "disposable" number for registrations, contests, and loyalty programs.
It may be impractical, but it is very effective. Ideally, there would be something like a phone number alias, similar to one-time payment cards or Apple's "Hide My Email" feature.

Key Takeaways

A phone number is the foundation of your digital identity. Protect it as carefully as:
  • access to your bank
  • your ID card
  • passwords to your accounts
Don't give it out unnecessarily everywhere. Every piece of data you publish can be used against you, often very inconspicuously.

Email Address: A Key Element of Digital Security


Just as we talked about the phone number, an email address is like our digital address. Thanks to it, you can be found in almost every service. Usually, we log in with an email and password, and when we need to reset a password, the form is sent to this address.

Therefore, it is important to have a strong password and two-factor authentication (2FA). If you set up this security, you have 70% of the work done, preventing the most common attacks.

But it's not enough to just secure the account. It is also important where you enter your email and why it's a risk:
  • Website and Service Registrations: always verify that it is really the given company. Scammers create pages that look completely real just to obtain your data.
  • Social Networks: do not list your email as public info on your profile. An attacker can easily scrape it and use it for phishing or account hijacking.
  • Fake Messages and SPAM: emails like "Inheritance Abroad" or "unpaid shipping fees" can lead to sites that collect your passwords and personal data. They are often so sophisticated that they will display: wrong password, please try again, and save every variation you enter.
Tip: No legitimate company will ask for your password, phone number, or payment details via email. If you receive a suspicious email, verify the contact through another channel, for example, call the company's official number (not the number listed in the message or email).

Two Email Addresses: How to Use Them

Many people use two email addresses:
  1. Primary Email: for official communication, banking, children's school, healthcare...
  2. Secondary Email: for registering for games, contests, loyalty programs, or less important services...
Practical Advice:
  • Use your primary email to register accounts where you use a payment card.
  • Use the secondary one for less sensitive services.
  • Never share your primary email publicly.

Checking if Your Email Was Compromised

There are services that show you if your address has ever been compromised. For example:
Tip: You enter your email, and the service shows you if your data has ever appeared in a data leak. Attention, you enter everything at your own risk; never do this on suspicious websites.

Practical Tips for a Secure Email:
  • strong password
  • two-factor authentication (2FA)
  • do not use public Wi-Fi for sensitive emails without a VPN
  • do not send email codes or passwords to anyone
  • consider aliases and disposable emails: for example, when registering for less important services

Password: A Unique Secret for Each of Us

A password is like a key to our digital world. When someone gains your password, they practically have access to everything related to it: email, social networks, bank, services, and essentially your entire digital life. Therefore, a unique, strong, and carefully protected password is an absolute necessity.

What is a strong password?
  • Long: ideally at least 12 - 16 characters.
  • Combination of characters: uppercase and lowercase letters, numbers, symbols.
  • Unpredictable: no names, dates of birth, favorite teams, or dictionary words.
  • Unique for every service: never use the same password on multiple accounts.
Tip: You don't have to remember passwords if you use a password manager, e.g., 1Password, Bitwarden, or built-in management in browsers or phones. These applications generate truly strong passwords and store them securely.

What happens when a password leaks?

Imagine you use the same password for email, Facebook, and banking apps. An attacker gets one password and has access to almost everything. It often happens that someone receives a phishing email or a password database leaks from another service. If you use the same password everywhere, you are opening the door to your entire digital world.

Practical Advice:
  • Never share your password: not even with family or friends.
  • Use a password manager: secure, generates strong passwords, remembers them for you.
  • Regularly change passwords for sensitive accounts: especially email and banking apps.
  • Turn on 2FA everywhere you can: particularly for email, social networks, and banking.
  • Beware of phishing: never enter your password on pages that do not look official.

Modern Ways of Logging In: The Passwordless Era

In recent years, digital security has been moving forward, and classic passwords are gradually giving way to more modern login methods. The reason is simple: people don't remember passwords, they repeat them, and attackers very often exploit this. That's why more and more services today offer login that doesn't require a password at all.

Passkeys

One of the most secure modern solutions is so-called Passkeys. They are used, for example, by Apple, Google, Microsoft, and gradually other services as well.

How does it work?
  • You don't create a password.
  • Login takes place via your phone, computer, or tablet.
  • Verification is done via fingerprint, Face ID, or device passcode.
  • The key is stored locally on your device, not on a server.
Advantages:
  • It cannot be intercepted by phishing.
  • There is no password database that could leak.
  • It is linked directly to your device and your biometrics.

Login via QR Code

Another increasingly common method is logging in via QR code.

How it works:
  • A QR code is displayed on the computer.
  • You scan it with the phone where you are already logged in.
  • You confirm the login with a fingerprint or Face ID.
This method is used by, for example:
  • WhatsApp
  • Google
  • Apple
  • Some banking applications
Advantages:
  • You don't type any password.
  • You minimize the risk of someone eavesdropping or looking over your shoulder.
  • Fast and convenient.

Biometric Login (Fingerprint, Face ID)

Biometric data is commonly used today on phones, tablets, and laptops:
  • Fingerprint
  • Facial recognition (Face ID)
  • Sometimes even iris recognition
This data:
  • Does not leave the device.
  • Is embedded in a secure chip (e.g., Secure Enclave on Apple devices).
  • Serves only for verification, not for data transfer.
Biometrics very often replace password entry today, but it's important to realize that:
  • Biometrics is not a password.
  • It is only a way to verify that it is really you.

Hardware Security Keys and Encrypted USBs

There are also physical security keys that look like a USB flash drive. For example:
  • YubiKey
  • Security USBs with a PIN or fingerprint sensor
These keys:
  • Function as a second factor or a complete password replacement.
  • Login occurs only when the key is physically present.
  • Some have their own encryption or biometric sensor.
Advantages:
  • An attacker cannot log in without the physical key.
  • Extremely high level of security.
  • Ideal for email, banking, or work accounts.
Does this mean the end of passwords?

Not exactly. Passwords will be with us for some time. But:
  • Modern methods are more secure.
  • They are more resistant to phishing.
  • And above all, more convenient for the average user.
The ideal state today is:
  • A strong password (stored in a password manager).
  • Combined with 2FA.
  • And wherever possible, Passkeys or biometrics.

Two-Factor Authentication (2FA): The Next Line of Defense

If a password is your secret, then two-factor authentication is your double lock on the door. A password alone is no longer enough today because attackers can gain access to email, phones, or even crack a weaker password.

2FA adds an extra verification step that makes access significantly harder for strangers. Even if someone obtains your password, they cannot log in without the second factor.

Types of 2FA

SMS Code
  • Simplest form: The service sends a one-time code to your phone.
  • Disadvantages: The code can be intercepted via a SIM swap attack or malware.
  • Advantage: Easy for average users.
App Code (Authenticator app)
  • For example, Google Authenticator, Microsoft Authenticator, Apple Passwords, Authy...
  • They generate one-time codes directly on the phone, without SMS.
  • Advantage: More secure than SMS, resistant to SIM swap attacks.
Push Notifications
  • Some services (Apple ID, Google, banking apps) send you a notification: "Do you want to log in?", and you just confirm on your phone.
  • Fast and convenient.
Physical Security Keys
  • USB or NFC keys (e.g., YubiKey) serve as a second factor.
  • You can only log in with the physical key.
  • The most secure variant, ideal for banking, email, or work accounts.
Biometrics as a Second Factor
  • Fingerprint or Face ID, if the service supports them.
  • Essentially follows up on Passkeys or push notifications.

Practical Tips for 2FA

  • Turn it on everywhere possible. Facebook, Gmail, Instagram, Apple ID, bank accounts: 2FA is a baseline today.
  • Prefer apps or keys over SMS: Every account should have a unique second factor.
  • Back up your access. For example, recovery codes or a backup key, so you don't get locked out of your own account.
  • Store codes securely, not in an email or unprotected notes.
Summary: Two-factor authentication is the second lock that protects you even if someone gets your password. The combination of a strong password + 2FA + modern login methods creates a strong defense against most attacks.


In today's article, I have summarized everything important you need to know for life in the digital world—from phone numbers, email addresses, and passwords to biometrics and two-factor authentication (2FA). To help us realize that these details are not just "ordinary" information, but form the heart and brain of our digital identity and footprint.

You might be wondering: "That's all very well, but how does this relate to your content on social media, YouTube, or this blog?" The answer is simple: technology and the digital world are an integral part of my life and my creative work. I actually prepared this article back in August 2025, and since then, several things have happened around me that showed just how quickly someone can become compromised online.

What I had originally prepared is much longer than today's article—it could easily span eight A4 pages! I believe most of you would lose focus with such a long text. That is why I decided to release this topic as a series. Today, we focused on the basics—the most important pillars upon which your digital security stands.

Next time, we will look at another related topic that will help you be even safer online. But I'll keep that as a surprise for now. I am glad that besides travels, photography, and other topics, I can also share something useful for your digital protection.

I don't know exactly how often this series will be published yet—perhaps once every two weeks or once a month. You will find out everything in due time. Why am I writing this here, directly on the blog, and not elsewhere? Because you, who follow me online, are part of my digital world, and therefore this information is relevant to you as well.

Thank you for reading this far, and I look forward to the next episode of my digital window.

#besafe

YOU MIGHT ALSO BE INTERESTED IN:

Important Notice: I am not a cybersecurity or systems security expert. This article is written in my own words, based on my knowledge and experience with technology, the web, and the digital world. It serves as informative and educational content for readers and followers, not as an official guide or guarantee of security. The author bears no responsibility for any consequences resulting from the application of the recommendations provided. You may link to this article, but copying or using it otherwise without the author's permission is not allowed. The image used in the article was created as an illustration using ChatGPT.

Labels:

Přečtěte si také:

Read also:

My Top Picks!

HODNOTA ŽIVOTA
HODNOTA ŽIVOTA
Click for Website
KUPKYTKY
KUPKYTKY
Click for Website
VERAMELODICA
VERAMELODICA
Click for Website