i'm really scared. i've seen lots of posts about people getting their blogs hacked.
Yeah, I’ve been seeing a number of posts talking about that. But stay calm! Here’s a few precautions you can take to minimize the risk.
Hide your personal information. Much of the time, malicious individuals don’t use a program to gain access to your account, they use social engineering. When you sign up for an email or blog account, usually you’re asked to provide information like your name, birthday, age, zip code, primary email account, etc. This is info that can be used to reset the password or gain access to your accounts. Hide this stuff. For example, I have a separate email devoted just to my social media accounts. I don’t share it with people, it’s simply for signing up for things.
Use 2-Factor authentication. Many sites (Tumblr included) lets you add an extra layer of security to the login process. If you log in to Tumblr with 2-Factor authentication enabled, it texts a numeric code to your cell phone, and you cannot log in without entering that code. This way, would-be hackers have a harder time of accessing your account. To enable, go to Settings > Account > Security (Two-Factor Authentication). It also lets you generate an app-specific password for mobile users.
Beware of suspicious links and emails. If you see an outgoing link that you don’t recognize or an email telling you to click on something, it’s better to just ignore it. There’s lots of phishing schemes and viruses out there, and you can avoid them by just being cautious. I saw a thing called Tumblrcloud a few months back that said it would analyze your blog and generate a cloud of your most used phrases and blog stats. This turned out to be just a ploy, since it led to a non-Tumblr website that asked for your login info. If you see a login screen, always double check the URL before doing anything. If it’s Tumblr, then it’s safe to type. If it’s some other website, then leave that page ASAP.
Use a complicated password. This is a list of 25 of the most common passwords. If your password is something simple and easy to guess, then it’s easier for someone else to gain access to your account. Use a mix of letters and numbers.
There’s a number of things I probably missed, but following these tips won’t steer you wrong. I hope it helps!