Cybersecurity Anxiety - Secure your accounts, Relax and Sleep Well Again.

I'm staring at the screen and moving my mouse around the button:

"REGISTER"

The site I'm on seems interesting but the thought of having yet another account, yet another new password makes me feel literally sick.
Have you ever felt like that?

Every choice sucks:

  • don't make an account: feels like I'm punishing myself, i do kind of want to join this site.
  • make an account and use an old password: - yeah but then I'm exposing myself and possibly all the other accounts with the same password.
  • make an account and use a new password: - this is again like a burden. I'm so sure i'm gonna lose it and next time i'll have to push the "remember your password" button which I hate and it's just so tiring.


What to do....what to do....
Even this hesitation is tiring for me. I feel exhausted from taking so much time to make such a small decision already.
FUCK IT! i'll just use my old password.
It's "password123" [don't judge me!]

Now, I feel aghast that the hackers will get to me. Maybe i should use a longer one: "passWORD123!" yeah, this looks good. I check it with this fun tool and it says:
It would take a computer about 34 THOUSAND YEARS to crack it
That sounds good enough, but can I even trust that?
Oh well.

Too bad I'm sure to forget next time and I'm back to scratching my head when I need to log in. Maybe I could use the "remember me" button, but is this safe?

The thing is, I don't know.
I don't know what's safe and what's not, I don't even know if what I know is true or accurate. The more I read about security online the more I feel that the less I know.
" use a long password" "use a long sentence" "use a dice" "use letters and numbers"
I'm in utter confusion over my cyber-security and I'm feeling always anxious that I have forgotten something, and left a door opened, so big that any security specialist would just shake his head and think " ...that did you expect?".

I can't be the only one, right?

Since joining steemit, I am now familiar with a new security rule.
You should know it too, it's the bizarre 4th rule:

If you can remember your password than it's not secure!

Don't tell me you didn't shake your head in wonder at this rule.
What Does It Even Mean?!
and
Is this supposed to help me? Bring to me the security enlightenment I so badly needed?

It did and it didn't. Yeah, I got to thinking more about this but also the more you delve into something, usually, the more you realize how shallow your understanding is...That's my experience with security too.

I used to believe I was doing security right because I never had a problem but then, this could only mean I got lucky.
It's easy to confuse lucky with good. Don't make this mistake, please!

I embarked on a journey to find out more and see what is right for the average user. If you don't work in security or have nuclear plant in your backyard, you are probably an "average" user.

After all my research and talking with some people that know more than I ever will on security, I cam to believe that prevention is key. Here are my best advice for that and for having secure, hassle free accounts on all your internet journeys.

Never re-use your password.
Always use 2FA if you have the option.
Use a password manager.

Let's take a look at each of this one and their importance.

Never re-use your password.

Did you hear about the teamviewer hack? Well, this is exactly why it was so bad. A lot of people just used their regular password for teamviewer and once the hackers got control of that, they had control of everything else [ the fact that they had access to the computer and could see the most used sites and the e-mails used for that helped too].
This is one of the most common strategy, hack a low-security site and re-use the e-mail/password combo you find there..everywhere. Hello, Amazon! Goodbye, money!

Always enable 2FA

2FA means two factor authentication
The concept is that you increase the security by needing two things:
one you know [ the password]
one you have [ a phone number, an RSA key, smth else ]

Most people use Google Authentificator or just their phone numbers to receive a text [ a text might be as as bad thought so think twice about that ]
Duo is also good.

One vulnerability of this is that you still "know" your password and thinking that the second part of 2FA protects you may cause you to be lax about the password. Yet, how to remember so many passwords.

Which bring us to the last point...

Use a password manager

I use LastPass and many do. Why and how to use it, I can't add anything more to this post by Robrigo. Read it and learn!

It's great because Lastpass will generate a password based on your preferences - 20 or 100 characters, numbers and letters and other stuff. Instantly. Then remember it and put it in your vault. You don't know it, but you know it' s safe there!

Now, you only need to remember ONE PASSWORD: Your lastpass password!
Write it down, then put it in a case, then lock that down, then put it in a vault, then lock that down, then hide that in a wood and put the map of the hidden treasure in a new vault and do the same three times now.
Should be safe.



LastPass nuclear vault is there

I follow my own advice now and I can tell you that my anxiety over new passwords and the ease with which LastPass does all the remembering and generating secure passwords for me.

Yet...now my anxiety shifted from not having enough security to having too much. Have I new built a too powerful vault. What if someone gets in there somehow? It would be devastating, as all my passwords are in there.

And what if I lock myself out this mighty vault. How stupid would that be?

But the main idea is that security is an ongoing battle and there's always a compromise to make.For now, I chose to make this one.
You pick your own.

Thank you for reading.

H2
H3
H4
3 columns
2 columns
1 column
13 Comments