10 Tools and Security Tips to help you stay safe online
There are some steps you can take to manage your online security and choose the right level of protection for you.
1. Use a Password Manager
It’s recommended to use a Password Manager to generate and store all your credentials for online services. They also use to have a vault to store any sensitive information. You can store users, passwords, credit cards info, etc.
Some good alternatives:
You will need to define (and remember) a master password to access your password manager. You only need to remember this password. A simple 4 to 6 English words as a master password is enough to protect your password manager account. Remember to back up it on paper and store it in a safe place.
You can use this tool to verify if your password is strong:
2. Enable second-factor authentication (2FA)
2FA is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. It’s very important to enable 2FA for each online account you have as soon as you signup.
Try to avoid using SMS/Whatsapp/VoiceCall as 2FA, because they are the less secure 2FA alternatives. When opting for phone number-based two-factor authentication, your telecommunication provider emerges as a singular vulnerability point. Malicious people could conspire with or trick an employee at your carrier to transfer your phone number to their device (SIM swapping).
Hardware Security Keys
A hardware security key is a way to prove that you is trying to access or sign in to something. Security keys are a form of second or multi-factor authentication (MFA). This means that when you log in with your normal credentials, you’ll be asked to provide your security key, too.
Here are some good options you can buy on Amazon:
Authenticator Apps
The most popular form of two-factor authentication uses a software-generated time-based, one-time passcode (also called TOTP, or “soft-token”).
Here are some good alternatives:
It’s very important to back up your authenticator app, so you don’t lose access to your online account if you lose your phone with your 2FA.
Authy talks about that topic in these blog posts:
Google Authenticator doesn’t offer an intuitive way to back up your token. You can read more about that here:
3. Use FileVault to encrypt the startup disk on your Mac
If you use a Mac, then you should encrypt your startup disk with FileVault. FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 encryption with a 256-bit key to help prevent unauthorized access to the information on your startup disk.
You can create a local recovery key. Keep the letters and numbers of the key safe on your password manager.
4. Cancel the voicemail service on your phone
Some sites use the voicemail service as a way to recover access to your account. Is usual to have default codes to access your voicemail. So, disabling it (given it is now obsolete technology) is a good idea to improve your security.
5. Set a firmware password on your Mac
When you set a firmware password, users who don’t have the password can’t start up from any disk other than the designated startup disk.
This feature requires a Mac with an Intel processor. For the equivalent level of security on a Mac with Apple silicon, simply turn on FileVault.
6. Configure a PIN and an email on WhatsApp
WhatsApp offers the possibility of configuring a PIN and an email address as two-step verification. After that, you will need to enter your PIN when registering your phone number with WhatsApp again. This is useful to avoid attacks where your mobile phone line is stolen.
You can manage two-step verification settings in your WhatsApp account. WhatsApp offers the option to enable or disable this feature, change the PIN or update the email address associated with two-step verification.
7. Phone Screen Lock
Using a 6 digits PIN code to lock your phone is better than a pattern. The pattern prints can be seen on the screen. If you still want to use a pattern, at least use one where the lines overlap, so it’s more difficult to guess your pattern.
8. Private Email Account
Create a private email account that nobody knows. Use that account for:
- Recovery email of other accounts
- Password Manager
- Financial Accounts. For example, crypto exchanges, banks, etc
Proton Mail is a secure email that protects your privacy, so you could use it for your private email account:
9. Account Recovery
Some services, like Google, let you configure recovery options, so you can use them in case you lose access to your account.
The first piece of advice here is to avoid using your phone number as a recovery method. Is very easy for bad actors to steal your phone line and then use it to access the accounts where you configured the phone number as a recovery option.
Instead, you can use your private email account (created on tip 8) as the recovery method.
10. Streaming services passwords
Strong passwords with symbols, letters, and numbers can be difficult to type with your control remote on your TV. So, for streaming services, a more simple password, but still secure enough, can be used. You can use just random numbers splitter by dashes, so they are easy to read and type in your TV. For example: 373–836–826–735
Visit our Website
With so many hardware wallets on the market, it can be challenging to choose the right one for your needs. That’s where our Hardware Wallet Comparison TheBitcoinHole.com website comes in. You will find the most comprehensive and honest resource for comparing the features of the top hardware wallets.
Support Us
There are different ways to support our work:
Related Articles
If you enjoyed this article, you might get value out of these as well!
