Lockstep

  • Checklists
    • Authentication
    • Web Browsing
    • Email
    • Messaging
    • Social Media
    • Networks
    • Mobile Devices
    • Personal Computers
    • Smart Home
    • Personal Finance
    • Human Aspect
    • Physical Security
    • Passkeys and MFA
    • Account Recovery
    • Scam Defense
    • Incident Playbooks
    • Monthly Maintenance
    • Identity Protection

    Lockstep

  • Home
  • Checklists
    • Authentication
    • Web Browsing
    • Email
    • Messaging
    • Social Media
    • Networks
    • Mobile Devices
    • Personal Computers
    • Smart Home
    • Personal Finance
    • Human Aspect
    • Physical Security
    • Passkeys and MFA
    • Account Recovery
    • Scam Defense
    • Incident Playbooks
    • Monthly Maintenance
    • Identity Protection

Settings

Incident Playbooks

A security incident is stressful because every minute feels expensive. These playbooks keep the first response simple: contain the damage, preserve evidence, recover control, and then harden the weak point that was abused.

0 out of 8 (0%) complete, 0 ignored

Done?AdviceLevelDetails
Impact: HighEffort: Medium
Essential

From a clean device, change the password, revoke all sessions, remove unknown forwarding rules and app passwords, check recovery methods, enable strong MFA, then reset passwords for accounts that use this mailbox.

Impact: HighEffort: Medium
Essential

Use Find My Device or Find My iPhone to lock or erase it, revoke account sessions, suspend the SIM if needed, remove the device from MFA settings, and replace backup codes for accounts that depended on it.

Impact: HighEffort: Medium
Essential

Contact the bank through the number on the card or official app, freeze or replace the card, dispute transactions, change banking passwords, review devices and sessions, and preserve screenshots or messages.

Impact: HighEffort: Medium
Essential

Create a recovery plan with your national identity theft reporting service where available, place fraud alerts or credit freezes if relevant, file reports, and keep a timeline of accounts, letters, calls, and case numbers.

Impact: MediumEffort: Medium
Recommended

Use the platform recovery flow, revoke unknown sessions and connected apps, restore email and phone settings, warn contacts not to trust recent messages, and check whether the same password was reused elsewhere.

Impact: HighEffort: Medium
Essential

Disconnect from the network if active theft is suspected, avoid logging into sensitive accounts, scan from a trusted tool or reinstall the OS, rotate passwords from a clean device, and restore only trusted files.

Impact: HighEffort: High
Essential

If the vault, master password, or recovery material may be exposed, change the master password from a clean device, revoke sessions, rotate critical account passwords first, replace MFA backup codes, and monitor for account changes.

Impact: MediumEffort: Low
Recommended

Save emails, headers, URLs, screenshots, transaction IDs, account notices, and timestamps before deleting messages or wiping devices. Evidence can be useful for banks, platforms, insurers, employers, or law enforcement.