mirror of
https://github.com/Lissy93/personal-security-checklist.git
synced 2024-12-18 12:14:38 -05:00
OS, Router and Phone sections. First version done
This commit is contained in:
parent
82bb6f0675
commit
bfd1ecfb46
163
readme.md
163
readme.md
@ -1,6 +1,5 @@
|
|||||||
# Personal Security Checklist
|
# Personal Security Checklist
|
||||||
|
|
||||||
|
|
||||||
## Passwords
|
## Passwords
|
||||||
|
|
||||||
Ideally you should use a different, and secure password to access each service you use. To securely manage all of these, a password manager is usually the best option.
|
Ideally you should use a different, and secure password to access each service you use. To securely manage all of these, a password manager is usually the best option.
|
||||||
@ -9,18 +8,18 @@ Most reported data breaches [this Verizon report](http://www.verizonenterprise.c
|
|||||||
|
|
||||||
For everything you could ever want to know about passwords, check out [this guide](https://heimdalsecurity.com/blog/password-security-guide/).
|
For everything you could ever want to know about passwords, check out [this guide](https://heimdalsecurity.com/blog/password-security-guide/).
|
||||||
|
|
||||||
| **Security** | **Priority** | **Details and Hints** | **Done** |
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
| -------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------- |
|
| -------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
||||||
| **Use a strong password** | Recommended | Check how strong your password is at: [HowSecureIsMyPassword.net](https://howsecureismypassword.net). Try to get a got mixture of upper and lower-case letters, numbers and symbols. Avoid names, places and dictionary words where possible, and aim to get a decent length. Have a look at [How Long will it take to Crack my Password](https://www.betterbuys.com/estimating-password-cracking-times/). | [ ] |
|
| **Use a strong password** | Recommended | Check how strong your password is at: [HowSecureIsMyPassword.net](https://howsecureismypassword.net). Try to get a got mixture of upper and lower-case letters, numbers and symbols. Avoid names, places and dictionary words where possible, and aim to get a decent length. Have a look at [How Long will it take to Crack my Password](https://www.betterbuys.com/estimating-password-cracking-times/). |
|
||||||
| **Don’t save your password in browsers** | Recommended | Most modern browsers offer to save your credentials when you log into a site. Don’t allow this! As they are not encrypted, hence can allow easy access into your accounts. Also do not store passwords in a .txt file or any other unencrypted means. Ideally use a password manager. | |
|
| **Don’t save your password in browsers** | Recommended | Most modern browsers offer to save your credentials when you log into a site. Don’t allow this! As they are not encrypted, hence can allow easy access into your accounts. Also do not store passwords in a .txt file or any other unencrypted means. Ideally use a password manager. |
|
||||||
| **Use different passwords for each account you have** | Recommended | If one password gets compromised, it can give hackers access to your other online sites, so it is highly recommended not to reuse the same passwords. In order to manage having hundreds of different passwords, use a [password manager](https://en.wikipedia.org/wiki/Password_manager). Have a look at [LastPass](https://www.lastpass.com), [DashLane](https://www.dashlane.com), [KeePass](https://keepass.info) or [Robo Forms 8](https://www.roboform.com). | [ ] |
|
| **Use different passwords for each account you have** | Recommended | If one password gets compromised, it can give hackers access to your other online sites, so it is highly recommended not to reuse the same passwords. In order to manage having hundreds of different passwords, use a [password manager](https://en.wikipedia.org/wiki/Password_manager). Have a look at [LastPass](https://www.lastpass.com), [DashLane](https://www.dashlane.com), [KeePass](https://keepass.info) or [Robo Forms 8](https://www.roboform.com). |
|
||||||
| **Be cautious when logging in on someone else’s device** | Recommended | Ideally you wouldn’t ever log into any of your services on someone else’s device, since you can’t be sure that they don’t have any malware. If you do, ensure that your in a private session (like Incognito mode) so that nothing gets saved | [ ] |
|
| **Be cautious when logging in on someone else’s device** | Recommended | Ideally you wouldn’t ever log into any of your services on someone else’s device, since you can’t be sure that they don’t have any malware. If you do, ensure that your in a private session (like Incognito mode) so that nothing gets saved |
|
||||||
| **Avoid password hints** | Optional | It is likely that there is a lot of information about you online, so it can be an easy task for a hacker to find out which high school you went to, or what your Mums name is. | [ ] |
|
| **Avoid password hints** | Optional | It is likely that there is a lot of information about you online, so it can be an easy task for a hacker to find out which high school you went to, or what your Mums name is. |
|
||||||
| **Never answer online security questions truthaly** | Optional | Instead, create a password inside your password manager to store your fictitious answer. This will stop people guessing your place of birth or mothers mainen name. | [ ] |
|
| **Never answer online security questions truthaly** | Optional | Instead, create a password inside your password manager to store your fictitious answer. This will stop people guessing your place of birth or mothers mainen name. |
|
||||||
| **Don’t use a 4-digit pin to access your phone** | Optional | Don’t use a short pin to access your smartphone or computer. Instead use a text password. | [ ] |
|
| **Don’t use a 4-digit pin to access your phone** | Optional | Don’t use a short pin to access your smartphone or computer. Instead use a text password. |
|
||||||
| **Use an offline password manager** | Advanced | Consider an offline password manager, encrypted by a strong password. If you work across two or more computers, this could be stored on an encrypted USB. [KeePass](http://keepass.info/) is a strong choice | |
|
| **Use an offline password manager** | Advanced | Consider an offline password manager, encrypted by a strong password. If you work across two or more computers, this could be stored on an encrypted USB. [KeePass](http://keepass.info/) is a strong choice |
|
||||||
| **If possible, try to avoid bio-metric and hardware-based authentication** | Advanced | Fingerprint sensors, face-detection and voice-recognition are all easily hackable. Where possible replace these with traditional passwords. | [ ] |
|
| **If possible, try to avoid bio-metric and hardware-based authentication** | Advanced | Fingerprint sensors, face-detection and voice-recognition are all easily hackable. Where possible replace these with traditional passwords. |
|
||||||
| P**assword protect your BIOS and drives** | Advanced | A BIOS or UEFI password helps to make an inexperienced hackers life a bit harder if they get hold of your PC or hard drive, [here is a guide on how to do it](https://www.howtogeek.com/186235/how-to-secure-your-computer-with-a-bios-or-uefi-password/). | [ ] |
|
| P**assword protect your BIOS and drives** | Advanced | A BIOS or UEFI password helps to make an inexperienced hackers life a bit harder if they get hold of your PC or hard drive, [here is a guide on how to do it](https://www.howtogeek.com/186235/how-to-secure-your-computer-with-a-bios-or-uefi-password/). |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -29,9 +28,9 @@ For everything you could ever want to know about passwords, check out [this guid
|
|||||||
|
|
||||||
This is a secure method of logging in, where you supply not just your password, but also an additional code usually from a device that only you’d have access to.
|
This is a secure method of logging in, where you supply not just your password, but also an additional code usually from a device that only you’d have access to.
|
||||||
|
|
||||||
| **Security** | **Priority** | **Details and Hints** | **Done** |
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
| ------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
|
| ------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||||
| **Use an authenticator.** | Recommended | Use [Google Authenticator](https://support.google.com/accounts/answer/1066447) where sites offer 2-FA. Alternative authenticators include: [Authy](https://authy.com), [FreeOTP](https://freeotp.github.io), [LastPassAuthenticator](https://lastpass.com/auth/) and [AuthenticatorPlus](https://www.authenticatorplus.com). SMS codes are ubiquitous, but easy to break so although better than nothing, not ideal. Another option is a hardware-based 2FA, such as [Yubico](https://www.yubico.com/security-keys-authentication/), although with limited compatibility and of course a physical cost. Check out [this list of apps/ sites which provide the option of 2FA](https://twofactorauth.org/). | [ ] |
|
| **Use an authenticator.** | Recommended | Use [Google Authenticator](https://support.google.com/accounts/answer/1066447) where sites offer 2-FA. Alternative authenticators include: [Authy](https://authy.com), [FreeOTP](https://freeotp.github.io), [LastPassAuthenticator](https://lastpass.com/auth/) and [AuthenticatorPlus](https://www.authenticatorplus.com). SMS codes are ubiquitous, but easy to break so although better than nothing, not ideal. Another option is a hardware-based 2FA, such as [Yubico](https://www.yubico.com/security-keys-authentication/), although with limited compatibility and of course a physical cost. Check out [this list of apps/ sites which provide the option of 2FA](https://twofactorauth.org/). |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -60,9 +59,9 @@ For more browser security pointers, check out: [Here’s How To Get Solid Browse
|
|||||||
|
|
||||||
A Virtual Private Network (VPN) allows you to securely connect to the internet, when you visit a site, your visiting it through the secure VPN connection and not broadcasting your own IP address, therefore hiding your identity on the sites you visit, to both your ISP anyone else trying to track you, they can also encrypt your traffic so you can browse more securely on public networks. They’re really easy to setup. To learn more about what a VPN is, how it works and how to choose one, checkout [this PC Mag article](http://uk.pcmag.com/software/138/guide/the-best-vpn-services-of-2018).
|
A Virtual Private Network (VPN) allows you to securely connect to the internet, when you visit a site, your visiting it through the secure VPN connection and not broadcasting your own IP address, therefore hiding your identity on the sites you visit, to both your ISP anyone else trying to track you, they can also encrypt your traffic so you can browse more securely on public networks. They’re really easy to setup. To learn more about what a VPN is, how it works and how to choose one, checkout [this PC Mag article](http://uk.pcmag.com/software/138/guide/the-best-vpn-services-of-2018).
|
||||||
|
|
||||||
| **Security** | **Priority** | **Details and Hints** | **Done** |
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
| ------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
|
| ------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||||
| **Use a VPN** | Recommended | Ideally use a paid-for VPN, as they’re considerably better quality so won’t affect your speeds, nor show adds. Take a look at [VyprVPN](https://www.goldenfrog.com/vyprvpn), [NordVPN](https://nordvpn.com), [IPVanish](https://www.ipvanish.com) and [TunnelBear](https://www.tunnelbear.com). | [ ] |
|
| **Use a VPN** | Recommended | Ideally use a paid-for VPN, as they’re considerably better quality so won’t affect your speeds, nor show adds. Take a look at [VyprVPN](https://www.goldenfrog.com/vyprvpn), [NordVPN](https://nordvpn.com), [IPVanish](https://www.ipvanish.com) and [TunnelBear](https://www.tunnelbear.com). |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -72,82 +71,74 @@ A Virtual Private Network (VPN) allows you to securely connect to the internet,
|
|||||||
|
|
||||||
If a hacker gets access to your emails, it provides a gateway for your other accounts to be compromised, therefore email security is paramount for your digital safety.
|
If a hacker gets access to your emails, it provides a gateway for your other accounts to be compromised, therefore email security is paramount for your digital safety.
|
||||||
|
|
||||||
|
These links are also useful for additional simple measures that you can take to specifically protect a [Yahoo](https://heimdalsecurity.com/blog/complete-guide-e-mail-security/#yahoo), [GMail](https://heimdalsecurity.com/blog/complete-guide-e-mail-security/#gmail), [Outlook](https://heimdalsecurity.com/blog/complete-guide-e-mail-security/#outlook) and [AOL](https://heimdalsecurity.com/blog/complete-guide-e-mail-security/#aol) account.
|
||||||
|
|
||||||
| **Security** | **Priority** | **Details and Hints** |
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
| ---------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
| -------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||||
| Have more than one email address | Recommended | Keeping your important and safety-critical messages separate from trivial subscriptions such as newsletters, is a very good idea. Be sure to use different passwords. This will also make recovering a compromised account after an email breach easier. |
|
| **Have more than one email address** | Recommended | Keeping your important and safety-critical messages separate from trivial subscriptions such as newsletters, is a very good idea. Be sure to use different passwords. This will also make recovering a compromised account after an email breach easier. |
|
||||||
| Keep security in mind when logging into emails | Recommended | Your email account is one of the most important to protect with a secure password. Only sync your emails with your phone, if it is secured (encrypted with password). Don’t allow your browser to save your email password. Prevent man-in-the-middle attacks by only logging in on a secured browser. |
|
| **Keep security in mind when logging into emails** | Recommended | Your email account is one of the most important to protect with a secure password. Only sync your emails with your phone, if it is secured (encrypted with password). Don’t allow your browser to save your email password. Prevent man-in-the-middle attacks by only logging in on a secured browser. |
|
||||||
| Always be weary of phishing and scams | Recommended | If you get an email from someone you don’t recognize, don’t reply, don’t click on any links, and absolutely don’t download an attachment. Keep an eye out for senders pretending to be someone else, such as your bank, email provider or utility company. Check the domain, read it, ensure it’s addressed directly to you, and still don’t give them any personal details. Check out [this guide, on how to spot phishing emails](https://heimdalsecurity.com/blog/abcs-detecting-preventing-phishing/). |
|
| **Always be weary of phishing and scams** | Recommended | If you get an email from someone you don’t recognize, don’t reply, don’t click on any links, and absolutely don’t download an attachment. Keep an eye out for senders pretending to be someone else, such as your bank, email provider or utility company. Check the domain, read it, ensure it’s addressed directly to you, and still don’t give them any personal details. Check out [this guide, on how to spot phishing emails](https://heimdalsecurity.com/blog/abcs-detecting-preventing-phishing/). |
|
||||||
| Don’t share sensitive over email | Optional | Emails are very very easily intercepted. Also you can’t know how secure your recipients environment is. Don’t share anything personal, such as bank details, passwords, confidential information over email. Ideally, don’t use email as any primary method of communication. |
|
| **Don’t share sensitive over email** | Optional | Emails are very very easily intercepted. Also you can’t know how secure your recipients environment is. Don’t share anything personal, such as bank details, passwords, confidential information over email. Ideally, don’t use email as any primary method of communication. |
|
||||||
| Don’t connect third-party apps to your email account | Optional | If you give a third-party app (like Unroll.me) full access to your inbox, this makes you vulnerable to cyber attacks. The app can be compromised and, as a consequence, cyber criminals would gain unhindered access to all your emails and their contents. |
|
| **Don’t connect third-party apps to your email account** | Optional | If you give a third-party app (like Unroll.me) full access to your inbox, this makes you vulnerable to cyber attacks. The app can be compromised and, as a consequence, cyber criminals would gain unhindered access to all your emails and their contents. |
|
||||||
| Consider switching to a more secure email provider | Optional | Email providers such as [ProtonMail](https://protonmail.com), [CounterMail](https://countermail.com), [HushMail](https://www.hushmail.com) (for business users) or [MailFence](https://mailfence.com) allow for end-to-end encryption, full privacy as well as more security-focused features. |
|
| **Consider switching to a more secure email provider** | Optional | Email providers such as [ProtonMail](https://protonmail.com), [CounterMail](https://countermail.com), [HushMail](https://www.hushmail.com) (for business users) or [MailFence](https://mailfence.com) allow for end-to-end encryption, full privacy as well as more security-focused features. |
|
||||||
|
|
||||||
## Social Media
|
## Social Media
|
||||||
| **Done** | **Security** | **Details and Hints** |
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
| -------- | --------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
| --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||||
| [] | **Check your privacy settings** | Most social networks allow you to control your privacy settings. Ensure that your profile can only be viewed by people who you are in your friends list, and you know personally. |
|
| **Check your privacy settings** | Recommended | Most social networks allow you to control your privacy settings. Ensure that your profile can only be viewed by people who you are in your friends list, and you know personally. |
|
||||||
| [] | **Only put info on social media that you wouldn’t mind being public** | Even with tightened security settings, don’t put anything online that you wouldn’t want to be seen by anyone other than your friends. Don’t reply soley on the social networks security. |
|
| **Only put info on social media that you wouldn’t mind being public** | Recommended | Even with tightened security settings, don’t put anything online that you wouldn’t want to be seen by anyone other than your friends. Don’t reply soley on the social networks security. |
|
||||||
| [] | **Don’t give social networking apps permissions they don’t need** | By default many of the popular social networking apps, will ask for permission to access your contacts, your call log, your location, your messaging history etc.. If they don’t need this access- don’t grant it. |
|
| **Don’t give social networking apps permissions they don’t need** | Recommended | By default many of the popular social networking apps, will ask for permission to access your contacts, your call log, your location, your messaging history etc.. If they don’t need this access- don’t grant it. |
|
||||||
| [] | **Remove meta data before uploading media** | Most smartphones and some cameras automatically attach a comprehensive set of additional data to each photograph., This usually includes things like time, date, location, camera model, user etc. Remove this data before uploading. See [this guide](https://www.makeuseof.com/tag/3-ways-to-remove-exif-metadata-from-photos-and-why-you-might-want-to/) for more info. |
|
| **Revoke access for apps your no longer using** | Recommended | Instructions: [Facebook](https://www.facebook.com/settings?tab=applications), [Twitter](https://twitter.com/settings/applications), [LinkedIn](https://www.linkedin.com/psettings/third-party-applications), [Instagram](https://www.instagram.com/accounts/manage_access/). |
|
||||||
|
| **Remove meta data before uploading media** | Optional | Most smartphones and some cameras automatically attach a comprehensive set of additional data to each photograph., This usually includes things like time, date, location, camera model, user etc. Remove this data before uploading. See [this guide](https://www.makeuseof.com/tag/3-ways-to-remove-exif-metadata-from-photos-and-why-you-might-want-to/) for more info. |
|
||||||
|
| **Don’t have any social media accounts** | Advanced | It may seem a bit extreme, but if your serious about data privacy and security, stay away from entering information on any social media platform. |
|
||||||
**Your Devices**
|
|
||||||
|
|
||||||
|
|
||||||
| **Done** | **Security** | **Details and Hints** |
|
|
||||||
| -------- | ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
|
||||||
| [] | **Turn of connectivity features that arn’t being used** | When your not using WiFi, Bluetooth, NFC or anything else- turn those features off. These are commonly used to easily hack individuals. |
|
|
||||||
| [] | **Uninstall apps that you don’t need** | Don’t have apps that your not using on your phone, as they can be collecting data in the background. Don’t install apps from non-legitimate sources, or apps with few reviews. |
|
|
||||||
| [] | **Don’t grant apps permissions that they don’t need.** | If an app doesn’t need access to your camera- don’t grant it access. Same with any features of your phone, be wary about what each app has access to. |
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
**Phone Number**
|
## Your Devices
|
||||||
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
|
| --------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
||||||
| **Done** | **Security** | **Details and Hints** |
|
| **Turn of connectivity features that arn’t being used** | Recommended | When your not using WiFi, Bluetooth, NFC or anything else- turn those features off. These are commonly used to easily hack individuals. |
|
||||||
| -------- | ---------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
| **Uninstall apps that you don’t need** | Recommended | Don’t have apps that your not using on your phone, as they can be collecting data in the background. Don’t install apps from non-legitimate sources, or apps with few reviews. |
|
||||||
| [] | Avoid using your real phone number | Where possible, avoid giving out your real phone number while creating accounts online. You can create phone numbers using services such as [Google Voice](https://voice.google.com) or [Skype](https://www.skype.com/en/features/online-number/). For temporary usage you can use a service like [iNumbr](https://www.inumbr.com) that generates a phone number that forwards messages and calls to your main number. |
|
| **Don’t grant apps permissions that they don’t need.** | Recommended | If an app doesn’t need access to your camera- don’t grant it access. Same with any features of your phone, be wary about what each app has access to. |
|
||||||
|
| **Consider running a custom ROM if you have an Android device** | Advanced | Your default OS tracks information about your usage, and app data, constantly. Consider a security-focused custom ROM, such as [Lineage](https://lineageos.org) or [CopperheadOS](https://copperhead.co/android/). |
|
||||||
|
|
||||||
**Communication**
|
|
||||||
|
|
||||||
SMS texting is not secure.
|
|
||||||
|
|
||||||
| **Done** | **Security** | **Details and Hints** |
|
|
||||||
| -------- | ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
||||||
| [ ] | Don’t use SMS - Use E2E encrypted messaging apps | [iMessage is secure](https://techcrunch.com/2014/02/27/apple-explains-exactly-how-secure-imessage-really-is/). For non-Apple users [Signal](https://signal.org) is the most secure option. As of late 2016 [WhatsApp](https://www.whatsapp.com) is also [end-to-end-encrypted using the Signal protocol](https://signal.org/blog/whatsapp-complete/). Signal can also protect your phone calls. |
|
|
||||||
| [ ] | Use a secure email provider | Most email providers completely invade your privacy intercepting both messages sent and received. [ProtonMail](https://protonmail.com) is a secure email provider, that is open source and offers end-to-end encryption. There are alternative secure mail providers (such as [CounterMail](https://countermail.com), [HushMail](https://www.hushmail.com) and [MailFence](https://mailfence.com))- but [ProtonMail](https://protonmail.com) has both a clear interface and strong security record |
|
|
||||||
|
|
||||||
|
|
||||||
**Your Router**
|
|
||||||
|
|
||||||
|
|
||||||
| **Done** | **Security** | **Details and Hints** |
|
|
||||||
| -------- | -------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
||||||
| [] | **Don’t use a default password** | Change your router password- [here is a guide as to how](https://www.lifewire.com/how-to-change-your-wireless-routers-admin-password-2487652). |
|
|
||||||
| [] | **Ideally hide your SSID** | An SSID (or Service Set Identifier) is simply your network name. If it is not visible, it is much less likely to be targeted. You can usually hide it after logging into your router admin panel, [see here for more details](https://www.lifewire.com/hide-your-wireless-network-from-your-internet-leeching-neighbors-2487655). |
|
|
||||||
|
|
||||||
|
|
||||||
**Operating Systems**
|
|
||||||
|
|
||||||
Although Windows and OS X are easy and convient, they both are far from secure. The ideal option would be to install a security-based OS. Where this often isn’t possible, using a VM or dual-booting with a consumer-focused Linux distro is still preferable to primarily using a either of Microsoft’s, Apple’s or Google’s services.
|
|
||||||
|
|
||||||
| **Done** | **Security** | **Details and Hints** |
|
|
||||||
| -------- | -------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
||||||
| [] | **Consider Switching to Linux** | Linux is considerably [more secure](https://www.pcworld.com/article/202452/why_linux_is_more_secure_than_windows.html) than both OSX and Windows. Some distros are still more secure than others, so it’s worth choosing the right one to get a balance between security and convenience. |
|
|
||||||
| [] | **Consider running a custom ROM on your Android device** | Your default OS tracks information about your usage, and app data, constantly. Consider a security-focused custom ROM, such as [Lineage](https://lineageos.org) or [CopperheadOS](https://copperhead.co/android/). |
|
|
||||||
|
|
||||||
**Shopping**
|
|
||||||
|
|
||||||
|
|
||||||
| **Done** | **Security** | **Details and Hints** |
|
|
||||||
| -------- | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
||||||
| [] | **Consider using a pre-paid debit card, topped up with cash** | There are a lot of options out there, some are free, some are only available in certain locations, some do require identity checks, whereas others don’t- so it’s worth shopping round to find the one that’s right for you. |
|
|
||||||
| [] | **Consider paying with a Crypto currency** | This is the most secure method of payment, although unfortunately not currently widley supported. |
|
|
||||||
| [] | **Consider not getting goods delivered to your home address** | Use a pickup service, such as Doddle, Amazon Click + Collect, eBay Argos collect etc. |
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## SMS and Calls
|
||||||
|
|
||||||
|
Both SMS texting and traditional phone calls are not secure. Avoid it whenever there is a reasonable alternative, and don’t use these means to communicate anything secure. Be wary of who you share your phone number with
|
||||||
|
|
||||||
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
|
| -------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
||||||
|
| **Don’t use SMS - Use E2E encrypted messaging apps** | Optional | [iMessage is secure](https://techcrunch.com/2014/02/27/apple-explains-exactly-how-secure-imessage-really-is/). For non-Apple users [Signal](https://signal.org) is the most secure option. As of late 2016 [WhatsApp](https://www.whatsapp.com) is also [end-to-end-encrypted using the Signal protocol](https://signal.org/blog/whatsapp-complete/). Keep in mind that although the transmission may be secured, breaches can still be cause if your, or your recipients device has been compromised. |
|
||||||
|
| **Use a secure email provider** | Optional | Most email providers completely invade your privacy intercepting both messages sent and received. [ProtonMail](https://protonmail.com) is a secure email provider, that is open source and offers end-to-end encryption. There are alternative secure mail providers (such as [CounterMail](https://countermail.com), [HushMail](https://www.hushmail.com) and [MailFence](https://mailfence.com))- but [ProtonMail](https://protonmail.com) has both a clear interface and strong security record. |
|
||||||
|
| **Avoid using your real phone number when signing up for an account or service** | Optional | Where possible, avoid giving out your real phone number while creating accounts online. You can create phone numbers using services such as [Google Voice](https://voice.google.com) or [Skype](https://www.skype.com/en/features/online-number/). For temporary usage you can use a service like [iNumbr](https://www.inumbr.com) that generates a phone number that forwards messages and calls to your main number. |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Your Router
|
||||||
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
|
| --------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
||||||
|
| **Don’t use a default password** | Recommended | Change your router password- [here is a guide as to how](https://www.lifewire.com/how-to-change-your-wireless-routers-admin-password-2487652). |
|
||||||
|
| **Use WPA2** | Recommended | WPA and WEP make it very easy for a hacker to gain access to your router. Use a [WPA2](https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access) password instead. Ensure it is strong: 12+ alpha-numeric characters, avoiding dictionary words. |
|
||||||
|
| **Ideally hide your SSID** | Optional | An SSID (or Service Set Identifier) is simply your network name. If it is not visible, it is much less likely to be targeted. You can usually hide it after logging into your router admin panel, [see here for more details](https://www.lifewire.com/hide-your-wireless-network-from-your-internet-leeching-neighbors-2487655). |
|
||||||
|
| **Avoid the free router from your ISP** | Optional | Typically they’re manufactured cheaply in bulk in China, and firmware updates which fix crucial security flaws aren’t released regularly |
|
||||||
|
| **Kill unused process and services** | Advanced | Services like Telnet and SSH (Secure Shell) that provide command-line access to devices should never be exposed to the internet and should also be disabled on the local network unless they're actually needed. In general, [any service that’s not used should be disabled](https://www.securityevaluators.com/knowledge/case_studies/routers/soho_service_hacks.php) to reduce attack surface |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Operating Systems
|
||||||
|
|
||||||
|
Although Windows and OS X are easy and convenient, they both are far from secure. Your OS provides the interface between hardware and your applications, so if compromised can have detrimental effects.
|
||||||
|
|
||||||
|
| **Security** | **Priority** | **Details and Hints** |
|
||||||
|
| ------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||||
|
| **Keep your OS up-to-date** | Recommended | Microsoft, Apple and ChromeOS release regular updates, which fix security risks. Always keep your device updated. |
|
||||||
|
| **Consider Switching to Linux** | Advanced | Linux is considerably [more secure](https://www.pcworld.com/article/202452/why_linux_is_more_secure_than_windows.html) than both OSX and Windows. Some distros are still more secure than others, so it’s worth choosing the right one to get a balance between security and convenience. |
|
||||||
|
|
||||||
|
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user