  • I would heavily recommend that you don’t put all your eggs in the same basket ESPECIALLY when it comes to a password manager. If you’re going to use Proton Pass, make a separate email for that.

    To answer the next question, yes you do bother with 2FA ESPECIALLY for a password manager. I mean, you are literally storing like 30 or however many passwords, pretty much your entire digital life there. Do you think it is a good idea to have only one form of verification, one that can be easily cracked through a data breach, to hold all of your passwords? There is a reason why services like banks force you into 2FA when it comes to online banking. And you won’t have to worry about locking yourself out as long as you back up your 2FA tokens, and also keep a copy or two of the recovery codes, preferably in an encrypted file container on a computer and a USB drive.

    Next question: use long passphrases. Something like: Fediverse-American-Samsung-Electric-Hydro-Synth, you get the point. It is easier to remember than a password.

    Use email aliases as much as you can. SimpleLogin and AnonAddy are the two best recommendations. The less your real email is visible, the lower the chances of it being in a breach.

    As for your threat model, if you don’t want to get hacked, do pretty much as I said above. Don’t put all your eggs in the same basket, use a password manager with a strong passphrase and 2FA enabled. Enable 2FA for as many services as possible and make backups and keep the recovery codes safe. Use email aliases to mask your real email.