Difference between revisions of "Personal Security"

Line 7: Line 7:
 
** start with regular sms
 
** start with regular sms
 
** if you're slightly more advanced, you can use totp apps like Microsoft Authenticator or Google Authenticator or Yubikey Authenticator
 
** if you're slightly more advanced, you can use totp apps like Microsoft Authenticator or Google Authenticator or Yubikey Authenticator
*** make a backup of your codes!
+
** make a backup of your codes, make a backup of the app! losing the app without backup means: no access to your service
*** make a backup of the app!
 
**** losing the app without backup means: no access to your service
 
 
* Use a password vault to help you remember all the different strong passwords for different services and you're only human
 
* Use a password vault to help you remember all the different strong passwords for different services and you're only human
 
** secure that password vault like hell!
 
** secure that password vault like hell!
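
Review bot: The added line "** make a backup of your codes, make a backup of the app! ..." sits at level ** where the lines it replaces were at *** and ****, so the backup advice now reads as a sibling of the SMS and TOTP items instead of a note under the TOTP apps item. If it is meant to apply to TOTP apps, keep it at ***. Folding three bullets into one also runs two separate actions and their consequence into a single sentence; consider keeping "backup of your codes" and "backup of the app" as separate sub-bullets, with the "no access to your service" consequence under them.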

Revision as of 12:45, 26 August 2021

A draft article on security!

Authentication (Passwords)

  • Use a strong password: 12+ characters, printable ASCII
  • Use a unique password per service
  • Use multi-factor authentication where possible (https://www.safeonweb.be/en/two-factor-authentication-it-difficult-use)
    • start with regular SMS
    • if you're slightly more advanced, you can use TOTP apps like Microsoft Authenticator or Google Authenticator or Yubikey Authenticator
    • make a backup of your codes, make a backup of the app! Losing the app without a backup means: no access to your service
  • Use a password vault to help you remember all the different strong passwords for different services; you're only human
    • secure that password vault like hell!
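
Why the TOTP backup advice above matters, as an added example that is not part of the original article: a TOTP app derives every code from a stored secret plus the current time (RFC 6238), so the codes can only be regenerated where that secret exists. The function name and the sample secret (the RFC 6238 test key) are chosen for this illustration.

```python
import base64
import hashlib
import hmac
import struct


def totp(secret_b32: str, unix_time: int, digits: int = 6, step: int = 30) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for a base32 secret at a given Unix time."""
    # Authenticator apps show the secret as base32, often spaced and unpadded.
    cleaned = secret_b32.upper().replace(" ", "")
    cleaned += "=" * (-len(cleaned) % 8)
    key = base64.b32decode(cleaned)

    # The moving factor is the number of 30-second steps since the epoch.
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()

    # Dynamic truncation from RFC 4226: take 31 bits at an offset chosen
    # by the low nibble of the last MAC byte.
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


# Constructed sample: the RFC 6238 test key "12345678901234567890" in base32,
# standing in for the secret behind the QR code a service shows at enrolment.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()


def codes_after_restore(unix_time: int):
    """Code from the original phone and from a device restored from backup."""
    original_phone = totp(SAMPLE_SECRET, unix_time)
    restored_phone = totp(SAMPLE_SECRET, unix_time)  # same secret, same time
    return original_phone, restored_phone


if __name__ == "__main__":
    before, after = codes_after_restore(59)
    print("original device:", before)
    print("restored device:", after)
    # Without the secret there is nothing to compute a code from, which is
    # why a lost phone without a backup locks you out of the service.
```

The service stores the same secret and runs the same computation, so whoever holds a copy of the secret can produce valid codes: keep the backup as protected as the password vault.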

Backups

  • When things go south: make sure you have OFFLINE backups
  • Take a backup of your online services! Gmail/Google exports, Hotmail exports, Facebook, Twitter,... If it's compromised, it's GONE
  • Backup your password vault

Devices

Windows Computer

Android phone

  • Enable lockscreen with a code (or pattern, whatever)
  • Disable Wi-Fi stuff as described in Personal_Security#Network
  • Update your Android
    • If no Android updates are available from your manufacturer, consider unlocking and putting https://www.lineageos.org/ on it
    • If not, consider buying a new phone...

iPhone

  • Enable lockscreen with a code! (or Face ID or Touch ID, whatever)
  • Disable Wi-Fi stuff as described in Personal_Security#Network
  • Make sure your iOS is up to date

Software

Network

  • Use a strong Wi-Fi PSK (16+ characters, printable ASCII)
  • Don't use Wi-Fi profiles without PSK
  • Disable everything hot-spot related