Personal Security: Difference between revisions

From WikiWiki
Jump to navigation Jump to search
No edit summary   (change visibility)
No edit summary   (change visibility)
Line 5: Line 5:
* Use a unique password per service
* Use a unique password per service
* Use multi factor authentication where possible (https://www.safeonweb.be/en/two-factor-authentication-it-difficult-use)
* Use multi factor authentication where possible (https://www.safeonweb.be/en/two-factor-authentication-it-difficult-use)
** start with regular sms
** if you're slightly more advanced, you can use totp apps like Microsoft Authenticator or Google Authenticator or Yubikey Authenticator
*** make a backup of your codes!
*** make a backup of the app!
**** losing the app without backup means: no access to your service
* Use a password vault to help you remember all the different strong passwords for different services and you're only human
* Use a password vault to help you remember all the different strong passwords for different services and you're only human
** secure that password vault like hell!
** secure that password vault like hell!

Revision as of 11:44, 26 August 2021

A draft article on security!

Authentication (Passwords)

  • Use a strong password: 12+ characters, printable ascii
  • Use a unique password per service
  • Use multi factor authentication where possible (https://www.safeonweb.be/en/two-factor-authentication-it-difficult-use)
    • start with regular sms
    • if you're slightly more advanced, you can use totp apps like Microsoft Authenticator or Google Authenticator or Yubikey Authenticator
      • make a backup of your codes!
      • make a backup of the app!
        • losing the app without backup means: no access to your service
  • Use a password vault to help you remember all the different strong passwords for different services and you're only human
    • secure that password vault like hell!

Backups

  • When things go south: make sure you have OFFLINE backups
  • Take a backup of your online services! Gmail/Google exports, Hotmail exports, Facebook, Twitter,... If it's compromised it's GONE
  • Backup your password vault

Devices

Windows Computer

Android phone

  • Enable lockscreen with a code (or pattern, whatever)
  • Disable Wi-Fi stuff as from Personal_Security#Network
  • Update your Android
    • If no android updates are available from your manufacturer, consider unlocking and putting https://www.lineageos.org/ on it
    • If not, consider buying a new phone...

iPhone

  • Enable lockscreen with a code! (or faceid or touchid, whatever)
  • Disable Wi-Fi stuff as from Personal_Security#Network
  • Make sure your ios is up to date

Software

Network

  • Use a strong Wi-Fi PSK (16+ characters printable ascii)
  • Don't use Wi-Fi profiles without PSK
  • Disable everything hot-spot related