Digital security

Protecting one’s digital life is hard but I’ve taken a few decent steps towards securing mine.

Passwords

You should use a unique, “strong” password for each online account you have. That way, if one service is breached and its password database leaks, the attacker can’t simply replay that password against your other accounts (an attack known as credential stuffing), so one compromise doesn’t turn into many (or, in some cases, all) of your other accounts being breached.

The easiest way to do that is with a password manager like 1Password, LastPass, Bitwarden or Dashlane. They make it easy to generate, store and recall a unique password per account, so the only password you actually have to remember is the one that unlocks the manager itself.

I’ve been doing this for many years now but it took me a long time to rectify the many accounts that all shared the same password.

Multi Factor Authentication

I know that 2FA/MFA is a good security measure to have on all your online accounts that allow it, but I never really bothered setting it up on anything that wasn’t money related. Now I’m in the habit of setting up 2FA anywhere that’ll allow it.

SMS is OK but I avoid it if I can. Time-based one-time passwords (TOTP) are better, and I’ve used password managers or authenticator apps (like Microsoft Authenticator and Authy) to handle those. I’ve recently introduced a YubiKey into my life, which will let me set up the “hardware device” MFA option anywhere I find it.

PGP Keys

My newest addition is PGP keys, and seeing how and where they can assist in my security measures. I’ll be trialling sending signed and encrypted emails, storing encrypted files, and using PGP keys with my SSH servers and GitHub account.

Basically it’s just a public/private cryptographic key pair where you are the only one with the private key - so you are the only one who can sign, decrypt or authenticate with it, while anyone holding your public key can verify your signatures and encrypt things that only you can read. Pretty neat.
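The three uses above (signing mail, encrypting files, authenticating to SSH) all come down to the same asymmetry: anyone can use the public key, only the holder can use the private one. The following is an added illustration written for this page, not the author’s setup and not OpenPGP itself: it assumes the pyca/cryptography package is installed and uses Ed25519 for signatures and an X25519 + AES-GCM hybrid for encryption, which is the same shape of construction that modern gpg uses with Curve25519 keys, but it produces no OpenPGP packets and is not a substitute for gpg. The identities and messages are constructed sample data.

```python
"""Key-pair semantics in miniature: sign/verify, encrypt/decrypt, and an
SSH-style challenge. Added example; assumes pyca/cryptography is installed.
Not OpenPGP: no key IDs, no packet format, no web of trust."""
import os
from typing import Optional

from cryptography.exceptions import InvalidSignature, InvalidTag
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ed25519, x25519
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

INFO = b"demo-hybrid-v1"  # domain separation for the derived AES key


def _derive_key(shared_secret: bytes) -> bytes:
    """Turn the raw X25519 shared secret into a 256-bit AES-GCM key."""
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None,
                info=INFO).derive(shared_secret)


class Identity:
    """One person's keys. Only sign() and decrypt() touch the private halves;
    everything else needs just verify_key / public_enc_key."""

    def __init__(self) -> None:
        self._sign_key = ed25519.Ed25519PrivateKey.generate()
        self._enc_key = x25519.X25519PrivateKey.generate()
        self.verify_key = self._sign_key.public_key()
        self.public_enc_key = self._enc_key.public_key()

    def sign(self, message: bytes) -> bytes:
        return self._sign_key.sign(message)

    def decrypt(self, blob: bytes) -> bytes:
        """Inverse of encrypt_to(); raises InvalidTag if this key can't open it."""
        eph_pub = x25519.X25519PublicKey.from_public_bytes(blob[:32])
        nonce, ciphertext = blob[32:44], blob[44:]
        key = _derive_key(self._enc_key.exchange(eph_pub))
        return AESGCM(key).decrypt(nonce, ciphertext, None)


def verify(verify_key: ed25519.Ed25519PublicKey, message: bytes,
           signature: bytes) -> bool:
    """Anyone with the public key can check a signature."""
    try:
        verify_key.verify(signature, message)
        return True
    except InvalidSignature:
        return False


def encrypt_to(recipient_pub: x25519.X25519PublicKey, message: bytes) -> bytes:
    """Anyone with the recipient's public key can encrypt to them:
    fresh ephemeral X25519 key -> shared secret -> AES-GCM.
    Wire format: ephemeral_pub(32) || nonce(12) || ciphertext+tag."""
    eph = x25519.X25519PrivateKey.generate()
    key = _derive_key(eph.exchange(recipient_pub))
    nonce = os.urandom(12)
    ciphertext = AESGCM(key).encrypt(nonce, message, None)
    eph_bytes = eph.public_key().public_bytes(
        serialization.Encoding.Raw, serialization.PublicFormat.Raw)
    return eph_bytes + nonce + ciphertext


def try_decrypt(who: Identity, blob: bytes) -> Optional[bytes]:
    """Decrypt, or return None when `who` is not the intended recipient."""
    try:
        return who.decrypt(blob)
    except InvalidTag:
        return None


def ssh_style_challenge(server_known_pub: ed25519.Ed25519PublicKey,
                        client: Identity) -> bool:
    """Public-key authentication in one round trip: the server sends a random
    challenge, the client signs it, the server verifies against the key it
    has on file (the authorized_keys idea). Only the private-key holder passes."""
    challenge = os.urandom(32)
    return verify(server_known_pub, challenge, client.sign(challenge))


if __name__ == "__main__":
    alice, bob = Identity(), Identity()
    note = b"constructed sample message"
    print("alice's signature verifies:", verify(alice.verify_key, note, alice.sign(note)))
    blob = encrypt_to(alice.public_enc_key, note)
    print("alice can read it:", try_decrypt(alice, blob) == note)
    print("bob cannot:", try_decrypt(bob, blob) is None)
    print("bob fails alice's SSH login:", ssh_style_challenge(alice.verify_key, bob))
```

The decrypt-side failure is a tag mismatch rather than garbage plaintext because AES-GCM authenticates the ciphertext; that is why the wrong recipient gets a clean error instead of silently reading noise. With gpg the equivalent commands are `gpg --sign`, `gpg --encrypt --recipient`, and, for SSH, exporting the authentication subkey through gpg-agent.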

Written on July 25, 2021