Since a rather high-profile account hijack happened not too long ago I figured i’d preach some IT wisdom to help you secure your account. I’ve worked in IT for many years as an IT contractor.

Passwords

Don’t reuse passwords. Generate a strong password and save it in a password manager. It’s rather irrelevant which one you use but a good free one is KeePass. Don’t store them in plain text. 

Watch out for Phishing

When you click on an URL to the marketplace or the login, make sure it’s an correct URL. The only website for logging in is https://id.secondlife.com/. If you’re not on that subdomain, don’t login. There’s no other login domain. If you click login on the jira/wiki/marketplace it’ll redirect you to that subdomain.

While id.secondlife.com doesn’t have an E(xtended)V(alidation) certificate yet, the marketplace does. If you’re on the marketplace make sure the address bar looks like:

chrome_2017-04-17_21-37-47

Note the Linden Research Inc [US]

Make sure the bar looks like this for id.secondlife.com and check the spelling:

chrome_2017-04-17_21-40-26

Note the green lock and secure(Chrome)

Linden Lab employees will NEVER ask for your password.

2FA and email accounts

I’d recommend using Gmail or Outlook for hosting your email. Yahoo is unreliable and a mess. I’d also not recommend your ISP’s email hosting, they tend to be vulnerable to social engineering.

Enable 2FA on your email accounts. Yes I know it’s a hassle, you need your phone with you and all. HOWEVER, 2FA will protect you if your password gets compromised. It dramatically improves security for a little payoff. Sadly, LL isn’t implementing 2FA for SL accounts. 2FA for Google/2FA for Microsoft

Anti-malware

Use an anti-malware/anti-virus. I am sure you’ve heard people say “you don’t need an anti-virus if you know what you’re doing!”. They are wrong. Sure, the way AVs work is mostly a cat and mouse game but it adds a necessary line of defense. You don’t have to pay for one, Windows Defender(built into windows 8 and up) or Microsoft Security Essentials(for windows 7) is a good baseline to use.

Browsers

Use Chrome. Not firefox, and certainly not IE. Why Chrome over Firefox? Sandboxing. Sandboxing prevents malicious sites from breaking out of the browser. Firefox is way more vulnerable to exploiting. Sandboxing is really important for security.

Use an Adblocker. Why? Ad networks are often an origin point for spreading malware. Most of the drive-by malware is hosted on ad networks. You really don’t want to be served malware instead of an ad. Also, advertising is completely batshit these days, webpages will load 500x faster in certain cases, your CPU/GPU will be less taxed and your memory will fill up less fast. uBlock Origin is the only Adblocker I’d recommend.

Other advice

Don’t use a PDF reader, use the chrome built-in one. Keep all software up to date, especially Flash, Adobe Reader(if you insist) and Java if you use them. If you don’t use them, uninstall them. Remember, Chrome doesn’t use system installed Flash and it can’t use Java! If you still have quicktime installed make sure to uninstall it. SL doesn’t require it anymore and Apple doesn’t update it anymore. It has KNOWN security flaws.

Also check out https://decentsecurity.com/, they have some great advice as well. I would certainly recommend Cleaning and optimizing a Windows computer safely” specifically.