Personal Security: Difference between revisions
Jump to navigation
Jump to search
No edit summary (change visibility) |
No edit summary (change visibility) |
||
Line 5: | Line 5: | ||
* Use a unique password per service | * Use a unique password per service | ||
* Use multi factor authentication where possible (https://www.safeonweb.be/en/two-factor-authentication-it-difficult-use) | * Use multi factor authentication where possible (https://www.safeonweb.be/en/two-factor-authentication-it-difficult-use) | ||
** start with regular sms | |||
** if you're slightly more advanced, you can use totp apps like Microsoft Authenticator or Google Authenticator or Yubikey Authenticator | |||
*** make a backup of your codes! | |||
*** make a backup of the app! | |||
**** losing the app without backup means: no access to your service | |||
* Use a password vault to help you remember all the different strong passwords for different services and you're only human | * Use a password vault to help you remember all the different strong passwords for different services and you're only human | ||
** secure that password vault like hell! | ** secure that password vault like hell! |
Revision as of 11:44, 26 August 2021
A draft article on security!
Authentication (Passwords)
- Use a strong password: 12+ characters, printable ascii
- Use a unique password per service
- Use multi factor authentication where possible (https://www.safeonweb.be/en/two-factor-authentication-it-difficult-use)
- start with regular sms
- if you're slightly more advanced, you can use totp apps like Microsoft Authenticator or Google Authenticator or Yubikey Authenticator
- make a backup of your codes!
- make a backup of the app!
- losing the app without backup means: no access to your service
- Use a password vault to help you remember all the different strong passwords for different services and you're only human
- secure that password vault like hell!
Backups
- When things go south: make sure you have OFFLINE backups
- Take a backup of your online services! Gmail/Google exports, Hotmail exports, Facebook, Twitter,... If it's compromised it's GONE
- Backup your password vault
Devices
Windows Computer
Android phone
- Enable lockscreen with a code (or pattern, whatever)
- Disable Wi-Fi stuff as from Personal_Security#Network
- Update your Android
- If no android updates are available from your manufacturer, consider unlocking and putting https://www.lineageos.org/ on it
- If not, consider buying a new phone...
iPhone
- Enable lockscreen with a code! (or faceid or touchid, whatever)
- Disable Wi-Fi stuff as from Personal_Security#Network
- Make sure your ios is up to date
Software
- Update your software
Network
- Use a strong Wi-Fi PSK (16+ characters printable ascii)
- Don't use Wi-Fi profiles without PSK
- Disable everything hot-spot related