Updates checklist (auto-generated, on 29-Mar-2025)

This commit is contained in:
Liss-Bot 2025-03-29 10:23:36 +00:00
parent 7e181ad288
commit 63ee84ff76

View File

@ -38,7 +38,7 @@ Most reported data breaches are caused by the use of weak, default or stolen pas
**Security** | **Priority** | **Details and Hints**
--- | --- | ---
**Use a Strong Password** | Essential | If your password is too short, or contains dictionary words, places or names- then it can be easily cracked through brute force, or guessed by someone. The easiest way to make a strong password, is by making it long (12+ characters)- consider using a 'passphrase', made up of many words. Alternatively, use a password generator to create a long, strong random password. Have a play with [Security.org's How Secure Is My Password?](https://www.security.org/how-secure-is-my-password/), to get an idea of how quickly common passwords can be cracked. Read more about creating strong passwords: [securityinabox.org](https://securityinabox.org/en/passwords/passwords-and-2fa/)
**Use a Strong Password** | Essential | If your password is too short, or contains dictionary words, places or names- then it can be easily cracked through brute force, or guessed by someone. The easiest way to make a strong password, is by making it long (12+ characters)- consider using a 'passphrase', made up of many words. Alternatively, use a password generator to create a long, strong random password. Have a play with [Security.org's How Secure Is My Password?](https://security.org/how-secure-is-my-password/), to get an idea of how quickly common passwords can be cracked. Read more about creating strong passwords: [securityinabox.org](https://securityinabox.org/en/passwords/passwords-and-2fa/)
**Don't reuse Passwords** | Essential | If someone was to reuse a password, and one site they had an account with suffered a leak, then a criminal could easily gain unauthorized access to their other accounts. This is usually done through large-scale automated login requests, and it is called Credential Stuffing. Unfortunately this is all too common, but it's simple to protect against- use a different password for each of your online accounts
**Use a Secure Password Manager** | Essential | For most people it is going to be near-impossible to remember hundreds of strong and unique passwords. A password manager is an application that generates, stores and auto-fills your login credentials for you. All your passwords will be encrypted against 1 master passwords (which you must remember, and it should be very strong). Most password managers have browser extensions and mobile apps, so whatever device you are on, your passwords can be auto-filled. A good all-rounder is [Bitwarden](https://awesome-privacy.xyz/essentials/password-managers/bitwarden), or see [Recommended Password Managers](https://awesome-privacy.xyz/essentials/password-managers)
**Avoid sharing passwords** | Essential | While there may be times that you need to share access to an account with another person, you should generally avoid doing this because it makes it easier for the account to become compromised. If you absolutely do need to share a password for example when working on a team with a shared account this should be done via features built into a password manager.
@ -58,7 +58,7 @@ Most reported data breaches are caused by the use of weak, default or stolen pas
**Watch out for Keyloggers** | Advanced | A hardware [keylogger](https://en.wikipedia.org/wiki/Hardware_keylogger) is a physical device planted between your keyboard and the USB port, which intercepts all key strokes, and sometimes relays data to a remote server. It gives a hacker access to everything typed, including passwords. The best way to stay protected, is just by checking your USB connection after your PC has been unattended. It is also possible for keyloggers to be planted inside the keyboard housing, so look for any signs that the case has been tampered with, and consider bringing your own keyboard to work. Data typed on a virtual keyboard, pasted from the clipboard or auto-filled by a password manager can not be intercepted by a hardware keylogger.
**Consider a Hardware Token** | Advanced | A U2F/ FIDO2 security key is a USB (or NFC) device that you insert while logging in to an online service, in to verify your identity, instead of entering a OTP from your authenticator. [SoloKey](https://solokeys.com) and [NitroKey](https://www.nitrokey.com) are examples of such keys. They bring with them several security benefits, since the browser communicates directly with the device and cannot be fooled as to which host is requesting authentication, because the TLS certificate is checked. [This post](https://security.stackexchange.com/a/71704) is a good explanation of the security of using FIDO U2F tokens. Of course it is important to store the physical key somewhere safe, or keep it on your person. Some online accounts allow for several methods of 2FA to be enabled
**Consider Offline Password Manager** | Advanced | For increased security, an encrypted offline password manager will give you full control over your data. [KeePass](https://awesome-privacy.xyz/essentials/password-managers/keepass) is a popular choice, with lots of [plugins](https://[KeePass](https://awesome-privacy.xyz/essentials/password-managers/keepass).info/plugins.html) and community forks with additional compatibility and functionality. Popular clients include: [KeePassXC](https://keepassxc.org) (desktop), [KeePassDX](https://www.keepassdx.com) (Android) and [StrongBox](https://apps.apple.com/us/app/strongbox-password-safe/id897283731) (iOS). The drawback being that it may be slightly less convenient for some, and it will be up to you to back it up, and store it securely
**Consider Unique Usernames** | Advanced | Having different passwords for each account is a good first step, but if you also use a unique username, email or phone number to log in, then it will be significantly harder for anyone trying to gain unauthorised access. The easiest method for multiple emails, is using auto-generated aliases for anonymous mail forwarding. This is where [anything]@yourdomain.com will arrive in your inbox, allowing you to use a different email for each account (see [Mail Alias Providers](https://github.com/Lissy93/awesome-privacy#anonymous-mail-forwarding)). Usernames are easier, since you can use your password manager to generate, store and auto-fill these. Virtual phone numbers can be generated through your VOIP provider
**Consider Unique Usernames** | Advanced | Having different passwords for each account is a good first step, but if you also use a unique username, email or phone number to log in, then it will be significantly harder for anyone trying to gain unauthorised access. The easiest method for multiple emails, is using auto-generated aliases for anonymous mail forwarding. This is where [anything]@yourdomain.com will arrive in your inbox, allowing you to use a different email for each account (see [Mail Alias Providers](https://github.com/Lissy93/awesome-privacy#mail-forwarding)). Usernames are easier, since you can use your password manager to generate, store and auto-fill these. Virtual phone numbers can be generated through your VOIP provider
### Recommended Software
- [Password Managers](https://github.com/Lissy93/awesome-privacy#password-managers)