3DSC 2.18: Clean Up Your Digital Clutter

Today I am going to ask you to to take a step that will reduce your attack surface online: clean up your digital clutter by identifying and closing unused accounts. Online accounts exist in what I like to call “enemy territory”. The are on hardware that you do not control, owned by companies that make very few promises to you about how they will handle your data, and as public-facing sites, are subject to far greater risk than your home computer. Accounts you no longer use represent nothing but risk. Continue reading “3DSC 2.18: Clean Up Your Digital Clutter”

3DSC 2.16: Use Unique Usernames for Online Accounts

Giving out your email address can introduce some vulnerabilities.  While most of these are privacy concerns, there are some security concerns with this, as well.  Your email address is attached to your “real” accounts.  This allows advertisers, data-aggregators, and hackers to see linkage between your accounts.  Security-wise, your email address is your username for some services.  If an attacker tries to hack one of your accounts (your Amazon.com, bank, or Facebook account), he or she probably already knows your username. Continue reading “3DSC 2.16: Use Unique Usernames for Online Accounts”

3DSC 2.14: Change Online Account Passwords

Last weekend, I asked you to install  password manager. This is a critical step in performing today’s task: today I will challenge you to change your online account passwords begin changing your online account passwords.  Don’t rush in and try to change them all at once – there’s a good chance you will get locked out of something.  Instead, change your passwords during your normal logins.  Continue reading “3DSC 2.14: Change Online Account Passwords”

3DSC 2.13: Migrate to Private & Secure Email Provider

Today I am asking you to to setup a private and secure email account. I realize that many of my readers are already using ProtonMail (but I also know that some are not). If you are using ProtonMail, don’t worry – I have included tasks for users at all levels of the email migration process.

Continue reading “3DSC 2.13: Migrate to Private & Secure Email Provider”

3DSC 2.0: (Almost) Halfway Point

Hey guys, I just wanted to take a second to acknowledge that we are almost at the halfway point in the Thirty Day Security Challenge (3DSC) 2.0! I also want to briefly recap what we’ve covered. If you’re just joining us here this is also a great place to start getting caught up. Continue reading “3DSC 2.0: (Almost) Halfway Point”

3DSC 2.11: Install a Password Manager

Today’s task is install a password manager on your computer and/or phone. This is an absolutely critical step.  Future posts in this series will ask that you change current passwords and create new accounts with good, strong passwords.  Being limited to feeble human memory requires most of us to choose poor passwords.  We use the same ones on multiple accounts and some of the new ones we will create this month will probably be lost or forgotten.  Storing passwords insecurely on a Word document or spreadsheet isn’t a great idea, either, since it’s really vulnerable to loss.  The password manager will solve these problems for us by creating good passwords, recalling them for us, and storing them securely. Continue reading “3DSC 2.11: Install a Password Manager”

3DSC 2.10: Firefox Security & Privacy Add-ons

Earlier this week I recommended that you install Mozilla Firefox and adjust its privacy and security settings, and yesterday I talked about installing NoScript. Both of these tasks have made Firefox much more private and secure. Today I will ask you to install three more Firefox security and privacy add-ons, and remove some others.

Continue reading “3DSC 2.10: Firefox Security & Privacy Add-ons”

3DSC 2.9: NoScript Security Suite

NoScript Security Suite

Difficulty: Hard. Installation is easy, but learning to use NoScript can be challenging. Please refer to the video
Active Time: 1 minute to install, 30 minutes to learn
What it Protects You From: Executable web content (JavaScript, Java, Flash, Silverlight, et. al.),  cross-site scripting (XSS), click-jacking, automatic boundary enforcement

Continue reading “3DSC 2.9: NoScript Security Suite”

3DSC 2.8: Adjust Firefox Settings for Security

Yesterday we began to shift our focus outward from the local system.  Today we will continue this shift by installing Firefox and modifying some of its settings.  Browser security and privacy settings play a big role in how easily websites can track you.  Firefox gives you the maximum flexibility to control these settings to your benefit.  It also has one other huge benefit that other browsers do not, and we will discuss this tomorrow. Continue reading “3DSC 2.8: Adjust Firefox Settings for Security”