Here's some sobering news: Hackers are reportedly. Yep, someone has literally put a price on your personal information -- and it's the equivalent of one month's worth of HBO Now.
Of course, a compromised Apple ID could cost you a lot more than that, as thieves could potentially use it to access (or even create) other accounts in your name.
Needless to say, it's critical that you take every conceivable measure to protect it. There's nothing difficult here, but you just need to devote a little time and diligence. First up: Stop serving up your Apple ID on a silver platter!
Learn to spot phishing attempts
How do hackers manage to steal Apple IDs? Believe it or not, in some cases people unknowingly hand them over. That's because they fall for phishing: email that appears to be from Apple but is really a fake designed to collect personal information.
For example, you receive an email that closely resembles other, legitimate, messages you've received from Apple. It has the same font, the same formatting, the Apple logo and so on. And it says, disturbingly, that your account has been compromised.
But no problem! Just "click here to reset your password and protect your identity." That click takes you to another convincing fake: an Apple lookalike page where you're asked to enter your user ID, password and, if the hackers are feeling especially bold, your Social Security number.
Just being aware that phishing exists is a good first step. Beyond that, remember this simple advice: Never, ever, ever click a link in an email that purports to take you to an account page. Instead, open your browser (or app) and sign into your account directly.
For more on this, learn identifying legitimate emails from the App Store and iTunes Store.. And check out Apple's recent post on
Set up two-step verification
Suppose a hacker buys your stolen Apple ID. They then attempt to take control of your account by changing your associated email address and password. Once that happens, well, you're kinda screwed.
One nearly foolproof way to prevent that from happening: set up two-step verification (aka two-factor authentication, or 2FA). With that in place, it's much harder for someone to make changes to your account. That's because in the aforementioned scenario, the hacker can't do anything without providing a verification code -- which is delivered to a device in your possession, usually your phone.
This added layer of protection does involve an extra layer of hassle, because now you have to jump through the two-step verification hoops when you want to make changes yourself. But that's a small price to pay for this important security measure.
Here'sand in general.
Use a password manager
I can't say this often enough: If you're not using a password manager, you're making it infinitely easier for hackers to ruin your life. Without one, it's a safe bet you're using the same few (probably terrible) passwords for Apple, Amazon, your bank, your credit card and so on -- because it's so challenging to manage them otherwise.
A password manager not only solves the management problem, but also generates longer, tougher-to-crack passwords for you to use. (Some of these utilities can also automatically log into your accounts and replace poor passwords with better ones.)
There are lots of freebie password managers out there, but it's worth paying a little extra for a premium subscription that synchronizes your passwords between devices. (Actually, thedoes that already.) Dashlane Premium is among the managers that can identify weak or duplicate passwords and automatically replace them with better ones.
By making just a few changes to your security and learning how to spot phishing emails, you can make it much, much harder for hackers to steal -- and profit from -- your Apple ID.