Zafe.space

- staying Zafe together...

5 essential elements

- as long as they are LONG...

New/modern recommendations based on the recent developments in technology/power/capacity (to brute-force/crack weak passwords, etc.) are now suggesting that the very minimum lenght of a password is 12 characters (better: 15...), which unlike before, can be just like a line from your favorite poem, often also inluding spaces (" ") between the words (BUT we think that it is better to be on the safe sode to avoid problems with "some" services", so it is safer to use a dot ("."), comma (","), dash ("-"), underscore ("_") or exclamation mark ("!") instead of spaces between words in such a "phrase" or "poem line". Then if you want to really enhance the security of your passphrase, add just a strange "twist" ("1TWIZT"..?) to the end of your passphrase. (Anything that is NOT a normal word in a common dictionary.)

Tricks to use playwords/creativity/fantasy/etc. to replace "text strings" with your own associations, so that if anyone gets access to where you write down your passwords/secrets, they will not understand "the real one" or "how to use it".

Especially "multiple second factors"; so you can have 2 or more second factor "2FA"/TOTP codes and 2 or more "Security Keys" (Yubikeys, etc.) on each account. Why, how and where...

Where to put your trust? Potentially now in yourself as a Self-Hoster of some stuff, for example Files/Video share, etc. There are now a multitude of small, automateable home servers that you can use to be your own host; hence avoid having to trust others, and really be the boss of your own backups etc... #SelfHosting has several significant benefits and a huge untapped/unknown potential besides the obvious economical money-saving aspect.

Software/applications/apps, Hardware, etc. are needed in order to manage several of the 4 elements mentioned above. The main problem is that the majority of people have simply accepted the solutions offered by "the market", ending up tied to "silos" etc. where you are not the real owner or in control of your account/data/contacts, and cannot easily move elsewhere without having to start from scratch.

Locked services and devices do in practise limit BOTH your security AND your flexibility; Therefore it is important to embrace long-standing, mature open solutions (Linux/RaspberryPi/++)

Help to help each other: Online community

We invite you to join an online + physical meetups/workshops community with focus on practical IT security to avoid common problems, raise your own efficiency, prevent unnecessary vulnerabilities and potential data loss, as well as protecting you against the damage a databreach or the like may bring to your meticulously earned reputation.

Categories:

• addons (browsers)
• apps (smartphones/tablets)
• automation (backups, routines)
• backup / restore
• browser-security
• communities: managing your own closed/open online community with good (multi-level?) security and two-factor authentication ("2FA"/"U2F")
• content management strategy (ownership: CreativeCommons++)
• control-panels and your practical flexibility
• cryptocurrency / blockchain security perspectives and solutions: risk limiting incl. preparations/habits/routines of the security of software & hardware electronic wallets
• smAil :-) (smarter email (and more secure))
• encryption (insights, alternatives)
• hardware & open-hardware
• home office / online meeting rooms / remote workplace / telecommuting / remote control
• hosting (alternatives, suppliers, flexibility, costs)
• licenses (insight / perspective / strategy)
• multi-factor-authentication
• operating-systems (Linux, USB sticks with Tails Live OS, ++)
• parental guidance
• perspective (mature technologies; IT zeitgeist)
• privacy (semi-anonymity: real anonymity is "impossible")
• reputation management
• secure chat / messaging & file sharing
• smart contracts (blockchain) , digital signatures (PDF++)
• smartphone-security (tools, practises, insights)
• smb (single-board-computers)
• social-media
• socialMedia21c (next-generation is already here)
• software & open-source
• standards / open standards (insight, perspective, strategy)
• strategy (plan your IT usage, identify/avoid pitfalls, etc.)
• virtualization (avoid security concerns by task separations)
• vulnerabilities (insight, habits, tools, best-practises)
• wsa (web-service-administration) (benefits of good quality)

Get in touch..:

• Email
• Mastodon / Fediverse (ActivityPub): oslo.town/@MiztrXV
• for secure messaging such as Element/Matrix, SimpleXchat, DeltaChat, Session, Briar, Manyverse, take control via email or Mastodon first.

• [https://www.OpenDesktop.org/] (Community: 1 (FREE) account incl. ALL of the following (decentralizeable) features; Matrix secure chat with multi-level rooms hierarchy, GitLab ("OpenCode"), 5GB NextCloud, Forum, Mastodon (decentralizeable Twitter alternative), and more.) {PS. Unaffilated service; hosted in EU (Germany).}

Topics:

Competence - MOMOC-zone's 12 Competence areas, collaborative security: how a community helps us to stay sufficiently updated, open-standards, quality-control, auditing, reviews, transparency, naivity, (good/bad) habits (and all the difference just a small tip/insight might mean), USB, firewalls, networking, hacking, laptops, tablets, smartphones, computers, raspberry-pi, encrypted file containers, linux, live-usb, smarter passwords (and tricks to write them down safely so nobody but you can 'make sense of that note), secure-messaging, file-management, Linux, NextCloud, content-management, cPanel, shared-hosting, VPS, community-management, two-factor / two-step / multiple-second-factors, FIDO-alliance secure authentication standards, etc.

Tags:

databreach, bugs, tips, insight, best-practise, learning, Android, 2FA, U2F Universal-Second-Factor (FIDO standard, incl. "WebAuthn"), Security-keys, TOTP (smarter/more flexible "Google Authenticator alternatives"), Yubikeys, HOTP, MFA, challenge-response, security-stories, etc.

Copyright (c) 2023 - www.Zafe.space