Revisions
arshiamufti revised this gist
Jan 29, 2018 . 1 changed file with 2 additions and 1 deletion.
@@ -25,4 +25,5 @@ Some good extensions to use (Chrome/Firefox) are 1. GPG sign your git commits 2. set up SSH via SSH key for any boxes you frequently sign into and disable SSH via password 3. Set up HTTPS for any website you administer. 4. Consider using a security key (yubikey) for your accounts.
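Review bot: item 4 ("Consider using a security key (yubikey) for your accounts") lands in the list that begins with "GPG sign your git commits", but it is account 2-factor advice and would read better next to the 2-factor authentication item under Online Accounts. Spell the product name YubiKey, and consider adding that a second registered key or saved recovery codes are needed so a lost key does not lock you out. Item 2 also starts lowercase ("set up") while items 3 and 4 are capitalised.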
arshiamufti revised this gist
Jan 29, 2018 . 1 changed file with 1 addition and 1 deletion.
@@ -1,6 +1,6 @@ ## Online Accounts 1. Move all your login credentials to a password manager. Do a security audit. Update any weak passwords, change any duplicate passwords. If you've saved any passwords in the browser, delete them (and maybe even change your passwords for those accounts for good measure). 2. If you're using biometric login (fingerprints, voice unlock) for any important accounts (such as online bank accounts), don't. 3. Use keybase to authenticate yourself. They have really good setup instructions. * You'll need to generate a public key. You can have Keybase do this for you, but it's better to generate one yourself on your machine and upload it to Keybase. The public key can now be used by anyone if they want to securely communicate with you!
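Review bot: in the sub-bullet under item 3, "generate a public key" should say key pair: what you generate on your machine is a private and a public key together, and only the public half is uploaded to Keybase. As written, "generate one yourself on your machine and upload it" does not say that the private key must stay local, which is the reason for generating it yourself. Also capitalise "keybase" in item 3 to match the sub-bullet.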
arshiamufti revised this gist
Jan 29, 2018 . 1 changed file with 1 addition and 1 deletion.
@@ -1,7 +1,7 @@ ## Online Accounts 1. Move all your logins to a password manager. Do a security audit and update any weak passwords. If you've saved any passwords in the browser, delete them (and maybe even change your passwords for those accounts). 2. If you're using biometric login (fingerprints, voice unlock) for any important accounts (such as online bank accounts), don't. 3. Use keybase to authenticate yourself. They have really good setup instructions. * You'll need to generate a public key. You can have Keybase do this for you, but it's better to generate one yourself on your machine and upload it to Keybase. The public key can now be used by anyone if they want to securely communicate with you! 4. Set up 2-factor authentication for all your important accounts. I've done this for (so far) Google, Facebook, Twitter, Digital Ocean, and Github. It's best to use an authenticator app (like Authy or Google Authenticator) instead of SMS.
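Review bot: item 2 ends with "don't" and gives neither a reason nor a replacement, so a reader cannot tell what to switch to. Add a clause stating why biometric login is discouraged for these accounts, and point to the alternative the list already recommends (a password-manager entry plus the 2-factor authentication in item 4). In item 4, "Github" should be "GitHub" and "Digital Ocean" is written "DigitalOcean".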
arshiamufti revised this gist
Jan 29, 2018 . 1 changed file with 13 additions and 7 deletions.
@@ -1,22 +1,28 @@ ## Online Accounts 1. Move all your logins to a password manager. Do a security audit and update any weak passwords. If you've saved any passwords in the browser, delete them (and maybe even change your passwords for those accounts). 2. If you're using biometric login to any important accounts (such as online bank accounts), don't. 3. Use keybase to authenticate yourself. They have really good setup instructions. * You'll need to generate a public key. You can have Keybase do this for you, but it's better to generate one yourself on your machine and upload it to Keybase. The public key can now be used by anyone if they want to securely communicate with you! 4. Set up 2-factor authentication for all your important accounts. I've done this for (so far) Google, Facebook, Twitter, Digital Ocean, and Github. It's best to use an authenticator app (like Authy or Google Authenticator) instead of SMS. * Also download recovery codes for accounts that you *super* care about in case of situations when you don't have access to an authenticator. Store these in a safe place like 1Password or a notebook that you hide from all of the world. ## Web browsing Some good extensions to use (Chrome/Firefox) are 1. Privacy Badger 2. VPN 3. HTTPS everywhere ## Communication 1. Signal: e2e communication. Whatsapp is a less awesome, closed source option. 2. Keybase: for file sharing, communication, etc. ## Misc 1. GPG sign your git commits 2. set up SSH via SSH key for any boxes you frequently sign into and disable SSH via password 3. Set up HTTPS for any website you administer.
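Review bot: the recovery-code sub-bullet under item 4 suggests storing the codes "in a safe place like 1Password", which puts the fallback for the second factor in the same vault as the passwords from item 1; say that the codes should live somewhere separate from the passwords, or state the trade-off. Under Web browsing, "2. VPN" is listed among browser extensions with no product or selection criteria, unlike items 1 and 3.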
arshiamufti revised this gist
Jan 29, 2018 . 1 changed file with 2 additions and 1 deletion.
@@ -18,4 +18,5 @@ ## Misc 1. GPG sign your git commits 2. set up SSH via SSH key for any boxes you frequently sign into and disable SSH via password
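Review bot: item 2 says "disable SSH via password" without naming the setting; mention PasswordAuthentication no in sshd_config, and add that key login should be confirmed in a second session before password login is turned off so the box stays reachable. The item also starts lowercase ("set up") while item 1 is capitalised.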
arshiamufti created this gist
Jan 29, 2018
@@ -0,0 +1,21 @@ 1. move all your logins to a password manager. Do a security audit and update any weak passwords 2. Use keybase to authenticate yourself: you'll need to generate a public key. You can have Keybase do this for you, but it's better to generate one yourself on your machine and upload it to Keybase. The public key can now be used by anyone if they want to securely communicate with you 3. Set up multi step login. It's best to use an authenticator app (like Authy) and also download recovery codes (store these in a safe place like 1Password or a notebook that you hide from all of the world). SMS works, but it's not the strongest option if you're travelling or don't have signal. ## Web browsing 1. Privacy Badger 2. VPN 3. HTTPS everywhere - set up HTTPS for any websites you administer ## Communication 1. Signal: e2e communication. Whatsapp is a less awesome, closed source option. 2. Keybase: for file sharing ## Misc 1. GPG sign your git commits
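Review bot: item 3 of the first list gives availability as the only drawback of SMS ("if you're travelling or don't have signal"); the security drawback is missing, namely that codes sent by SMS can be intercepted or redirected through SIM swapping, and that is the stronger reason to prefer an authenticator app. Item 3 under Web browsing mixes a browser extension with a server task ("HTTPS everywhere - set up HTTPS for any websites you administer"); split the second half into its own item. The first three items also have no section heading while every later group does.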