2020-05-25

Security hygiene general suggestions


I typed this up for a couple of clients and thought I'd share it here too.

1. Password manager: Get one and use it properly, and use your passwords properly too.  LastPass is a good one; see this post for more information.  Using passwords properly includes never reusing them and using long random strings (e.g., 30 chars) for (almost) every password.

1.a. With LastPass, set up Emergency Access to and from a trusted other person's LastPass account. 

2. Two-factor authentication: Start using Authy on important accounts; see this post for more information.

2.a. Set up 2FA for your password manager.  But see this post first.

3. Background on Internet storage and backup (and zero knowledge): see this post.

4. Backup: Use (zero knowledge) cloud backup if possible.  Best and most expensive is CrashPlan (see item #3 above), next is Backblaze (a bit less secure, a bit less expensive), and next is Sync.com (not quite as good for backup but great for syncing files between devices -- see item #3 above).  This backup will run automatically, either continuously or every day (your choice), and you'll never have to think about backup again.  It's a good idea to keep doing your local monthly backup too.  (Sync gives you 5 GB for free.)

5. Strongly consider encrypting your computer drive and your backup drive.  Unless they are encrypted, anyone who steals your computer or your backup drive can access all your data.  See the link just below.  FileVault 2 comes with Macs.  On Windows, BitLocker requires that you have Windows 10 Pro (not Home).  BitLocker also gives you encryption of external drives and flash drives.  Store your BitLocker recovery password in your password manager.

6. Make sure you have a strong PIN on your phone/tablet, 8+ digits, and turn on auto-wipe after 10 wrong guesses.

7. Make sure you have a strong password on your computer, 12+ characters and as random-looking as possible.

8. For more on security hygiene see this post.

---

Update 2021-07-26: Bitwarden has an Emergency Access feature too, and it looks very similar to LastPass's.