Connecting your computer or mobile device to a network includes a degree of risk. No matter the size of your business, criminals might target you and your information. Shopify recommends a number of processes to protect yourself and your customers.
If you believe someone has accessed your account without your permission, then take steps to secure your data immediately.
Account security overview
To protect yourself from risk, learn about generating unique passwords for your accounts, as well as how to secure a compromised account and reset blocked credentials.
Generate unique passwords with a password vault Caution
Each of your passwords should be unique. Don't use the same password for more than one account, even if the accounts are related.
Many people use the same password for more than one account. Often they pair it with the same username or email address. Without unique passwords, if a username/password pair is exposed, then an attacker might gain ac
cess to another account that uses those credentials.
Using password vault software is a great way to generate and manage your passwords. When you use a password vault, you need to remember only the master key to the vault, and your other passwords can be autogenerated jumbles of letters, numbers, and symbols. Popular password vaults include LastPass, Dashlane, and 1password.
Defend against phishing
Phishing attacks try to fool you into installing malicious software on your device or giving up sensitive information. Learn how to protect yourself.
Turn on two-step authentication
You can enable two-step authentication for your Shopify account to reduce the likelihood that someone who has acquired your password will be able to cause any damage. Your staff can set up two-step authentication for their accounts as well.
It's a good idea to use two-step authentication on your other accounts whenever possible. Major services that support two-step authentication include: