Difference between revisions of "Security notes - security for the everyday person"

From Helpful
Jump to: navigation, search
m (=Drive encryption and TPM)
m (Is it important to use a password manager?)
Line 26: Line 26:
  
 
-->
 
-->
 +
 +
==Is it important to encrypt my phone?==
 +
<!--
 +
 +
Perhaps the largest reason to do so is peace of mind if it gets stolen:
 +
Once it turns off, no one will get into its data without the unlock key.
 +
 +
It's becoming more common for phones to be encrypted by default.
 +
 +
 +
'''However''', this is only as strong as the key you use to unlock.
 +
 +
If you use a swipe pattern (you have a choice of swipe or number),
 +
well, those have weaknesses much like common passwords.
 +
For example, basic shapes and letters will apparently unlock at least half of all phones,
 +
within 100 or so guesses.
 +
 +
So this is arguably [[LARP security]] - you're pretending it's more than it physically is.
 +
-->
 +
  
 
==Is it important to use a password manager?==
 
==Is it important to use a password manager?==
 
<!--
 
<!--
  
It's not the ideal solution, but it's a tradeoff that is currently good for mostly practical reasons.
+
This one is primarily defined by a few practical tradeoffs, including:
 +
 
 +
* If you do not use a password manager, you will need all your passwords in your brain
 +
: That probably means you will only use a few for everything - password reuse is easier on you,
 +
: ...but terrible when one of them is discovered because you won't even remember what accounts you use it on
 +
 
 +
* browser password managers help that last-mentioned issue
 +
: You can generate a random password for each site, and it will remember for you. Most sites have recovery anyway.
 +
: however, anyone at your unlocked browser has access to all your accounts, even if they can't kn
 +
: which is why a password unlock
 +
: physical access is ''usually'' a smaller concern (it tends to allow many other exploits too) but it is still good to consider
 +
 
 +
* separate password managers are focused a ''little'' more on security than convenience
 +
: but that's also a reason you may not adopt one very easily
 +
 
 +
 
 +
tl;dr:
 +
* It's not the ideal solution, or the more secure
 +
* but it's better than not,
 +
* and you get go control the security/convenience tradeoff you want
  
 +
----
  
 
Primarily because of password reuse - without one, most people use at most a handful of passwords.
 
Primarily because of password reuse - without one, most people use at most a handful of passwords.

Revision as of 14:11, 27 September 2021

Security related stuff.

Practical


Theory


Unsorted

Is it important to use antivirus/malware protection?

Is it important to encrypt my phone?

Is it important to use a password manager?

Is it important to use a VPN?

Is it important to use secure mail?

So these messenging apps are the end-all then?

Laptop hard drive encryption

Practical side

A note on speed

Techical side

Drive encryption and TPM