While visiting Twilio for a day on my two-week programming pilgrimage, I learned that I've been pretty insecure. Joël Franusic (@jf) explained that I needed a security makeover. You probably do too! So let's get started. Follow the suggestions as you read this article and by the end you can be pretty comfortable about your everyday security.
Step One: Lock down your email
You probably check mail from several machines and in many places. If somebody breaks into your email account then they can reset your password on all kinds of other accounts. Take some time to secure this vital foundation of your online security.
- Enable two-step authentication for web mail. This will text you an additional unique code every time you try logging into your email online. You will need to respond with the code after using your password. Gmail users can enable two-step auth here.
- Create an application-specific single-use password for your mail client. You can later revoke access if you believe your computer has been compromised.
Step Two: Manage your passwords
It's time you make crazy unrelated passwords for all sites. It's also time to keep track of them in a secure and orderly manner.
- Think of two passwords, one of them very long and difficult. These are the only two you will need to remember.
- Buy 1Password ($50) or LastPass ($0) and use your difficult password to secure its vault.
- Use your other password for a new Dropbox account. Link 1Password to the Dropbox account so you can sync all your computers/phones to the same password vault. Linking to Dropbox is a simple setting within 1Password.
- Now change your password on all sites you use. You can get good auto-generated random passwords from 1Password.
Step Three: Protect your computer
- Clear your browser's password cache, and never allow it to remember passwords.
- Enable a password-protected screensaver and have it turn on after five minutes.
- Add a mouse hot-corner to the screen that starts the screensaver. When you walk away from your computer, use the hot corner.
- Ensure your Mac firewall is turned on.
- Turn on FileVault encryption for your hard drive. Do this before you go to bed because it takes a while to encrypt the first time it runs.
Step Four: Physically secure documents
All your schemes eventually end at physical security. You probably want to store your master password somewhere your next of kin can access, along with instructions for how to use it to unlock your password file. Put this stuff in a safe deposit box at your bank.
Items to store in a safe deposit box:
- social security card
- marriage license
- car title
- birth certificate
- insurance policies
- 1Password master key
- backup of 1Password filevault on a USB drive
- your spare single-use email password
Do all the above and you're in a pretty secure position. Does anyone know some tricks I have left out?
Crossposted on blog.begriffs.com.