Account Security

Shoke

TL;DR: DON'T BE FUCKING STUPID AND SECURE YOUR SHIT!

For the past 2-3 years I have been putting a lot of attention into securing my accounts as well as I can. There have been too many major data breaches. You can easily find a massive compilation of e-mails, passwords, IPs etc. on the darkweb or even just by going on some torrent website.

If you are interested to know more about those breaches, then here's an interesting article where you can read about a massive db compilation:

Even today, people are unaware (especially non-tech) and tend to use easy passwords for various websites. This is just how we humans work: we want the "easy way out" and not something complex. But this is technology, and in technology everything has to be COMPLEX.

I also recommend checking this site out: https://haveibeenpwned.com/ Here you can enter your e-mail and check if it was in a data breach.

That said, let's move onto the password manager.

There are many password managers out there, some free, some paid. People tend to go with the "hype train", and what happens if you go with the "hype train"? Well, you get F in the ass. Sooner or later. This is what happened with LastPass (if you used it, you will know what I'm talking about). I have personally never tried it but read an article recently about their new "changes". Due to these recent changes a lot of people stopped using LastPass and moved on to something better :)

And.. here we are, Bitwarden. This is my go-to password manager. I have been using Bitwarden for a very long time (recently upgraded to premium, costs only 10$/year). Bitwarden is one of the last password managers that's free. The "free" plan has everything you need and want. You can create unlimited logins, install and use the app on multiple devices, you can use the built-in password gen and it's open source!

To start using Bitwarden create an account on their website: Bitwarden Registration Link

NOTE: DON'T LOSE YOUR MASTER PASSWORD, BEST IS TO WRITE IT DOWN ON PAPER!
If you lose your master password you will not be able to recover your account.

You can install Bitwarden on your iOS/Android device, macOS/Windows or obviously you can have it integrated into the browser (addon).


You thought that was it? huh? 2fa? what is that?

Well, having unique complex passwords for each website is already a great step towards securing your credentials. But we can do even better. Here is where 2FA comes into play.

Even if a hacker manages to get your password and tries logging into your account, 2FA will prevent them from doing so. 2FA generates unique 6 digits that rotate every 30 seconds. Without entering the correct digits in the login field you will be locked out of the account.

Just like with the PW manager, there are various apps for 2FA as well. But I would recommend downloading Authy. In case you lose your device or the phone dies, your codes will be backed up.

Are there any downsides? Yeah obviously, if you lose your codes you are fucked. Your account is gone forever, unless an admin (depends on the website you visit) is ok with deactivating your 2FA.

Also note: Not all websites provide 2FA but since this is 3D Forums: Fun fact, did you know that Xenforo has built-in 2FA? I recommend you activate it. I have mine activated. Plus I'm sure esko is willing to deactivate it for you if you fuck something up.. hehe.
 
3D Forums: Fun fact did you know that Xenforo has built-in 2fa?
As a matter of fact, 2FA is enforced (in a way that they can’t continue to the forums if they don’t set it up) for all staff members and has been so for ages now. That’s due to the reason they have a higher level of access.

Nevertheless, a good post, and password vault systems are a good solution. I personally also utilise iCloud’s password manager (creates safe passwords on your behalf)
 
This is good advice and more practical with people who have more than one account, but an important note can also be added which is not to use it on the phone, even if the phone has been stolen, destroyed or lost, until not do's danger on your accounts, and thank you @Shoke
 
I personally find it unfortunate that Bitwarden and even Authy are cloud-based. I like and use KeePassXC. It is cross platform, OSS and offline and I am thus in full control of its database. On Android I use KeePassDX, which is compatible with its database and also open source. It also has support for hardware keys for 2FA, something I suppose Bitwarden also supports. Maybe you can elaborate more on that in your topic start post?

Oh and yes, it of course doesn't really matter what password manager you prefer or what you use, as long as you just use one. That should be the TLDR imo.
 
Agreed with cloud based. But remember Bitwarden is also open source, you can host it yourself == Full Control.

And yes, Bitwarden has 2FA implemented, this is a premium feature though. But with a price of just only 10 $ a year it's a steal.
 
Personally I've been using Keepersecurity for the past 2 years, they have a strict zero-knowledge policy which makes sure their employees can't access the database, never had issues with it & been safe since I started using it.
 
So you're trying to tell me that Google's password manager is not a secure option??? Maaan
 
my password "************************" all this is that good ? and there are numbers in it and like that, for anyone stupid doesn't try this "*" with my username xD
 