1. Easy PassPHRASES instead of complex PassWORDS
- as long as they are LONG...
New/modern recommendations based on the recent developments in technology/power/capacity (to brute-force/crack weak passwords, etc.) now suggest that the very minimum length of a password is 12 characters (better: 15...). Unlike before, it can simply be a line from your favorite poem, often also including spaces (" ") between the words. BUT we think it is better to be on the safe side and avoid problems with "some" services, so it is safer to use a dot ("."), comma (","), dash ("-"), underscore ("_") or exclamation mark ("!") instead of spaces between the words in such a "phrase" or "poem line". Then, if you want to really enhance the security of your passphrase, add a strange "twist" ("1TWIZT"..?) to the end of it. (Anything that is NOT a normal word in a common dictionary.)
2. "Secure Paper Notes"
Tricks that use wordplay/creativity/fantasy/etc. to replace "text strings" with your own associations, so that if anyone gets access to where you write down your passwords/secrets, they will not understand "the real one" or "how to use it".
3. Multi-Factor Authentication / 2FA / U2F
Especially "multiple second factors"; so you can have 2 or more second factor "2FA"/TOTP codes and 2 or more "Security Keys" (Yubikeys, etc.) on each account. Why, how and where...
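As an added illustration (not code from this page or from any service it mentions), this is how an account can hold several independent TOTP second factors, so that any one of them is accepted and a lost device can be revoked without locking you out. The `Account` class, the factor labels and the sample secrets are assumptions made for the example.

```python
import base64, hashlib, hmac, struct, time

def totp(secret_b32, at, digits=6, step=30):
    """RFC 6238 TOTP (HMAC-SHA1) for Unix time `at`."""
    key = base64.b32decode(secret_b32, casefold=True)
    mac = hmac.new(key, struct.pack(">Q", int(at) // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation, RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class Account:
    """Hypothetical account record holding several independent TOTP factors."""
    def __init__(self):
        self.factors = {}     # label -> base32 secret
        self.last_step = {}   # label -> last accepted time step (replay guard)

    def enroll(self, label, secret_b32):
        self.factors[label] = secret_b32

    def revoke(self, label):
        self.factors.pop(label, None)
        self.last_step.pop(label, None)

    def verify(self, code, at=None, window=1, step=30):
        """Return the label of the factor that produced `code`, else None."""
        at = time.time() if at is None else at
        hit = None
        for label, secret in self.factors.items():
            for drift in range(-window, window + 1):   # tolerate clock drift
                t = at + drift * step
                if t < 0:
                    continue
                same = hmac.compare_digest(totp(secret, t, step=step).encode(), code.encode())
                fresh = int(t) // step > self.last_step.get(label, -1)
                if same and fresh and hit is None:
                    hit = (label, int(t) // step)
        if hit:
            self.last_step[hit[0]] = hit[1]   # a used code cannot be replayed
            return hit[0]
        return None

# Constructed sample secrets: the first is the RFC 6238 test key, base32-encoded.
PHONE = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
BACKUP = base64.b32encode(b"backup-phone-secret!").decode()
```

Each factor has its own secret, so revoking the lost one leaves the others valid; the returned label also tells you which factor was used for a given login.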
4. Servers/Services / Self-Hosting / WebServices
Where to put your trust? Potentially now in yourself as a Self-Hoster of some stuff, for example Files/Video share, etc. There is now a multitude of small, automatable home servers that you can use to be your own host; hence you avoid having to trust others, and can really be the boss of your own backups etc... #SelfHosting has several significant benefits and a huge untapped/unknown potential besides the obvious economical money-saving aspect.
5. Tools for the job
Software/applications/apps, Hardware, etc. are needed in order to manage several of the 4 elements mentioned above. The main problem is that the majority of people have simply accepted the solutions offered by "the market", ending up tied to "silos" etc. where you are not the real owner or in control of your account/data/contacts, and cannot easily move elsewhere without having to start from scratch.
Locked services and devices do in practice limit BOTH your security AND your flexibility; therefore it is important to embrace long-standing, mature open solutions (Linux/RaspberryPi/++).
We invite you to join an online + physical meetups/workshops community with a focus on practical IT security to avoid common problems, raise your own efficiency, prevent unnecessary vulnerabilities and potential data loss, as well as protect you against the damage a data breach or the like may bring to your meticulously earned reputation.
Competence - MOMOC-zone's 12 Competence areas, collaborative security: how a community helps us to stay sufficiently updated, open-standards, quality-control, auditing, reviews, transparency, naivety, (good/bad) habits (and all the difference just a small tip/insight might mean), USB, firewalls, networking, hacking, laptops, tablets, smartphones, computers, raspberry-pi, encrypted file containers, linux, live-usb, smarter passwords (and tricks to write them down safely so nobody but you can 'make sense' of that note), secure-messaging, file-management, Linux, NextCloud, content-management, cPanel, shared-hosting, VPS, community-management, two-factor / two-step / multiple-second-factors, FIDO-alliance secure authentication standards, etc.
databreach, bugs, tips, insight, best-practice, learning, Android, 2FA, U2F Universal-Second-Factor (FIDO standard, incl. "WebAuthn"), Security-keys, TOTP (smarter/more flexible "Google Authenticator alternatives"), Yubikeys, HOTP, MFA, challenge-response, security-stories, etc.
Copyright (c) 2023 - www.Zafe.space