wiki:org/meetings/2019Stockholm/Notes/SecurityTrainingBasics

Gus’s Security Training Plan

+ DAY 1:

  1. Update your computer and phone OSs so they’re not vulnerable.
  2. Encrypt hard drive on laptop

⁃ Mac : file vault ⁃ Windows : bitlock ⁃ Linus : luks

  1. Use passPHRASE on phone, not passcode

+ DAY 2:

  1. Install Keepassxc for windows; minikeepass for iOS (encrypted password manager)
  2. List all accounts/logins/passwords

+ DAY 3:

  1. Change passwords - All of them!
  2. Use long phrases, not long passwords

+ DAY 4:

  1. Enable 2-factor authentication for all the services

https://twofactorauth.org ⁃ Token/yubi keys (get two) ⁃ App ⁃ google authenticator ⁃ 2 top

  1. Print the ZFA backup codes and put them in a safe

+ DAY 5:

  1. Review permissions in accounts
  2. Delete old conversations/chats (including WhatsApp messages)
  3. When sharing sensitive information via Signal, do it via disappearing message

+ DAY 6:

  1. Backup HD - 2 copies of your files - two hard drives!
  2. Encrypt your external HDs

⁃ Veracrypt works on multiple platforms ⁃ Write down the password and/or backup code

+ DAY 7:

  1. Rest
Last modified 3 months ago Last modified on Jul 13, 2019, 4:52:36 PM