Two-step authentication - making your site secure

If you only do one thing for your site this week, make it turning on two-step authentication .

The good news - Shopify is very secure. The bad news, people aren't. So what do you do if one of your staff has used a weak password, and someone has guessed or pfished it, and got into your Shopify site? Or a virus on your machine has sent your password to the bad guys?

The first thing to do is DON'T PANIC - running around with your hair on fire is a natural response to that sinking feeling, but will make things worse. Jumping on to an infected machine and changing your password just gives them your new password.

SECURE A COMPROMISED ACCOUNT (SHOPIFY LIST WITH KIM UPDATES)

If your account has been compromised, then take action to protect your data right away.

STEPS:

  1. ON A DIFFERENT DEVICE (in case you've got a virus) Log in to the email account that you use to log in to Shopify and change the password.

  2. Run antivirus on any machine you (or your staff) usually use.

  3. Log in to Shopify and change the password for your Shopify account. If you can't log in, then reset your password. If you don't receive a password reset email, then contact Shopify Support.

  4. Enable two-step authentication for extra security at login. If two-step authentication is already configured and an attacker was able to defeat it — for example, they stole your device — then change your device and set up two-step authentication again.

  5. Check your banking details for Shopify Payments and update them if necessary.

  6. Check and update your banking details for PayPal and any other payment providers you have configured. We've seen a hacker change your Paypal account to their Paypal account.

  7. Review your general account settings and preferences to make sure all other information is correct. Also check your site for links to external sites.

  8. Follow government guides to protect your identity and sensitive information.



Also in eChic Blog - building your business

Are your discount codes safe?
Are your discount codes safe?

You've got that sinking feeling. Someone had placed an order on your Shopify store for $500, and somehow the total had come down to $10.  Your first thought: you've been hacked.

You haven't. What actually happened is simpler, and luckily easier to fix. You had a discount code sitting in your Shopify account called "FREE", or something equally easy to guess.  Someone at checkout has just ... typed it in. And it worked.

Read More
Did you get an email from Shopify about an EU withdrawal button?
Did you get an email from Shopify about an EU withdrawal button?

Here's what it means and what to do.

Read More
Our client Chris from PK9 Gear made it into Forbes 🐾
Our client Chris from PK9 Gear made it into Forbes 🐾

This is a stellar example of what happens when you consistently show up and put your genuine self into your content.

Writers and journalists are always looking for authentic voices, and if you're publishing regularly, you're infinitely easier to find. Read how Chris did it.

Read More

Subscribe