Home
Welcome to the Internet Security wiki!
There are many easy ways to keep yourself relatively secure on the internet. I will list a few simple ones below, each with a short note on why the practice is useful.
Use two-factor authentication apps where available. If the service does not support TOTP apps, you can use your phone number instead. However, having OTPs sent to your phone comes with its own security risks; the attack vectors are more obscure and require social engineering or physical access to the phone. Having it is better than not, but SMS is inherently insecure. I would personally recommend Authy as a good TOTP app because it is cross-platform, and if you keep your devices encrypted and choose a strong password it's just as secure and more convenient than other single-device options.
Using a password manager and generating random secure passwords or passphrases is a habit you should be getting into. Reusing passwords or using insecure passwords is an internet sin that I'm sure most people are very guilty of. That practice is a very bad choice: if one service gets compromised and your password is leaked, it can leave your other accounts at risk of being hacked. Make sure you use a secure “master password”. There are many tutorials on choosing passwords that are easy for you to remember and hard for computers to guess.
Passphrases are a very good option for passwords that you would like to be able to read. I'm sure everyone can agree “7uUIY67b%^$*ui7^O8h8gyyv%Hijhhl(Y&Y*&” can be a little hard to type in if you need to sign in on a device that you don't want to install your password manager software on, or to send through other means. Random passphrases are a string of words from the dictionary, so they are easy for you to read and remember, following the principles of mnemonic devices. “super-biscuit-fantastic-banana” is much easier for a human to mentally digest and reproduce in another form.
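A sketch of how a random passphrase can be generated and how its strength is estimated, added here as an example and not taken from any particular password manager. The 16-word list is constructed so the code runs offline; the function names are made up for this illustration.

```python
import math
import secrets

# Constructed sample list so the example runs offline. A real generator
# should load a much larger list (for instance a 7776-word diceware list):
# the more words in the list, the more entropy each picked word adds.
SAMPLE_WORDS = (
    "super biscuit fantastic banana copper window marble rocket "
    "violet harbor pencil cactus lantern meadow tunnel walnut"
).split()


def entropy_bits(choices: int, length: int) -> float:
    """Entropy in bits of `length` independent uniform picks from `choices`."""
    if choices < 2 or length < 1:
        raise ValueError("need at least 2 choices and 1 pick")
    return length * math.log2(choices)


def words_needed(list_size: int, target_bits: float) -> int:
    """Smallest number of words whose combined entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


def generate_passphrase(words, count: int, sep: str = "-") -> str:
    """Pick `count` words uniformly with the OS CSPRNG via `secrets`.

    The `random` module is not suitable here: its output is predictable.
    Words are picked independently, so repeats are allowed; that keeps the
    entropy estimate above exact.
    """
    unique = sorted(set(words))  # duplicates would skew the distribution
    if len(unique) < 2:
        raise ValueError("word list too small")
    return sep.join(secrets.choice(unique) for _ in range(count))


if __name__ == "__main__":
    phrase = generate_passphrase(SAMPLE_WORDS, 4)
    print(phrase)
    # Four words from this tiny list are weak; a large list changes that.
    print(f"{entropy_bits(len(SAMPLE_WORDS), 4):.1f} bits with the sample list")
    print(f"{entropy_bits(7776, 4):.1f} bits with a 7776-word list")
    print(f"{words_needed(7776, 80)} words needed for 80 bits")
```

The strength comes from the random selection and the size of the list, not from the words being secret, so a passphrase you pick yourself from words you like does not get the same estimate.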
Having these two services is a good step towards securing your online accounts. This is why you should not use the same password everywhere. Password dumps like this are very easy to get your hands on, and if someone gets the one password you use everywhere you are in trouble. There is a service called "Have I Been Pwned" where you can check if your email has shown up in any of these dumps.
Here is a good example of what poor password practices can lead to.