What am I going to ramble about today?

Are you sick and tired of having your online accounts compromised? Do you feel that you deserve better than to have photos of cats wearing hats littered across your Twitter page? Well, fear no more.

Firstly, make sure your devices are secured. If you feel that your device may be compromised, simply backup your data to an external drive and reinstall your operating system. If this is a mobile device, a factory reset may be all you need.

The easy part after trusting the security of your current system is securing your accounts.

To begin, you will want to choose a password manager and a 2FA app. I use the following two, shown below:

• Keepassxc
• Aegis Auth

I would recommend, when using any password manager, that you create a redonkulously long password. If you want to learn a cheating skill at creating an easy password, you could create a string of words resembling something like an inside joke with your friend. An example passphrase may be: Thebrownsafteyconewhisperssweetmelodiesinthenight. I would recommend that if you take this round, you incorporate non-alphanumeric characters, for example: !@#$%^&*()_+-={[]}|;:’",<.>/?, in random places in your passphrase.

For storing your password database, it would be ideal to store the password files locally (but across devices). Whenever you update a password, you will need to merge that file to the rest of your devices (so you can have a consistent database across all your machines).

With Aegis Auth, I would recommend making sure the OTP database has a super strong encryption password/passphrase/insidejoke, and you may want to store this password in your KeePass database (though this isn’t ideal, but the attacker would need to firstly break into your super secure password vault and then also steal your encrypted Aegis.json config).

The next step would be to bookmark all of the websites you would have to insert credentials to. Something I do when opening links others give me is retype the domain name to make sure there are no shenanigans going on (like with the example of the Gnu Image Manipulation Program website being cloned and having an almost identical URL with a slightly different character, which the human eye couldn’t detect).

I will be updating this post whenever I have more ideas. Thanks for your time, and have a good splendid existence.