This should take less than 30 minutes to set up.
The benefits will last you a lifetime.
You need a Password Manager
Bitwarden is free or $20/yr with their Multi-Factor Authenticator. Google and Apple have built-in password managers as well.
Your passwords need to be unique to each website and account you visit.
They need to be hard to guess. A password manager will make this trivial. You, a human, reusing the same password from your high school student account or college email password, are not going to do well at this.
Keep in mind that if you pass, another trusted person should be able to access your accounts, so you will want to have them stored somewhere like an Apocalypse Notebook
You need Multi-Factor Authentication
Google Authenticator is free and works well. You can also use Bitwarden here if you wish.
Things you Know (passwords), Things you Are (Biometrics), and Things you Have (Code from an App/ Cell Phone Code, or Physical Token), by using more than one of these things, you can prevent a stolen or leaked password from compromising an account.
An attacker needs two of these things, but only has one (something you know/your password). That’s multi-factor authentication.
ex: Withdrawing money from an ATM, you have something you Know (pin number) and something you Have (ATM Card/Physical Token)
Design Good Master Passwords and change them biannually
Have a book or list of master passwords in a known location.
Think more in terms of a "passphrase". Using real words constructed in a sentence or collection of words makes it easier to type, easier to memorize, and longer, so harder to crack.
You shouldn't need more than a handful of them at a time. You can also theme them to make them easier to remember.
- Ex: Say I have a computer who I theme as all of the shots from my film camera. All of my backgrounds are from real film shots taken by one camera, and one lens. The name of the computer is "Emma", because the film camera is a Nikon EM. The password to this computer would be something along the lines of "TakeAPictureWithAKodak", a reference to a Pitbull song. Alternatively, other passwords would be "CompositionRuleOfThirds" or "TiltShiftLensFTW" or "BlackAndWhiteForLife". These passwords are long, easy to remember, easy to type, and secure. I would want to change this computer's password every 1-2 years.
Connecting to unsecured or untrusted networks without the use of a VPN is like sending a sensitive letter through the mail but you write the contents of your letter on the outside of the envelope, then seal and mail it.
Using a VPN to download sketchy files won't help you for the contents of the files you download, but it will keep your network provider from being able to throttle your connection because they think the site you are on is sketchy. The legality of what you download does not change, but who knows what you are downloading does.
PIA is the VPN I use.
The main thing you are looking for here is that they do not keep logs.
Other no-Log VPNs include
- Surfshark ($53 / 27 months or average $1.96/month)
- PIA ($79 / 36 months or average $2.19/month)
- Express VPN ($68.40 / 28 months or average $2.44/month)
- There are others (Nord, Mullvad, Proton), these are the cheapest of all six offerings.
I am not paid by any VPN, but I do have an affiliate link for PIA because I use them. None of the other links on this page are affiliate links.
You should have a VPN to stay safe while traveling.
If you spent enough time on something, you owe it to yourself to back it up.
Two copies is one copy, and one copy is none copies.
An offsite (cloud) backup is best, but nothing is perfect.
Backup frequency is important - try and have a weekly backup that runs automatically.
Try and have the data backed up on a different power grid (cloud or across town), or have it backed up fully offline to avoid issues when the power goes out and can fry your equipment.
Two is one, One is none. Have 3 copies of your data, across two types of media (hard drive/cloud/usb etc), and have one offsite or offline
You should have a data backup solution for projects worth backing up
The more time a bad actor has to your stuff, the more likely they'll be able to own your digital accounts.
Something something don’t give people 2.4 billion years to hack your shit. Check on it occasionally.
Access is ownership
- When you pass, someone should be able to manage your online accounts.
- Keep an Apocalypse Notebook with Financial information, anything important, and most importantly, an offline copy of your master passwords.
Second Brain
Additional Reading and Viewing
Lawyer, Passport, Locksmith, Gun - These four things are critical, but you need to get them before you need them.
- Key life documents - Will, Birth Certificates, Passport, Vault (Apocalypse Notebook)
1. Password Manager
2. Closest Friends' Contact Info
3. Trusted Circle
4. Legal Representation
5. Key Life Documents
6. Birth Certificates
7. Passport
8. Data Backup Solution
9. Insurance & Banking
10. Shared Vault Framework
11. Stop the Bleed Class (CPR, First Aid Essentials)
12. Try Shooting/Competing
13. Find a Locksmith (Test your backup)
14. Meet Neighbors, Share a key
15. Soft Skills
16. Go Bag & Evac Drills
How big is your Haystack?
- Long, Complex Passwords are better for math reasons.
Password Strength (XKCD)
How to make easy to memorize passwords
Ghost in the Wires
The easiest compromise point is the human point of entry