Rohan Büchner

Rohan Büchner / September 18, 2023


Secure your shit, Fabius, please.

I'm seeing more and more scamming & account hacking online these days. Email 2FA & mobile phone 2FA are not good enough anymore, and I don't think better security should be limited to just people working in the tech industry.

I feel this is a baseline requirement these days.

  1. Do not re-use passwords.
  2. Use strong passwords (regardless of whether the website has a weak password requirement)
  3. Hardware 2FA
  4. Software 2FA such as Google Authenticator / Authy

Hardware 2FA for the non-techies:

Go to any online store & buy 2 hardware security keys.

Now enable hardware 2FA on all your main accounts that you care about and register the keys in the security settings.

Add both keys at this stage & call them something that you can use to identify them like 'YubiKey Primary' & 'YubiKey Backup.'

Put one on your keychain and put the backup one in your safe at home or leave it at your ouma's house. You MUST have a backup of this. (In case you lose a key of course)

Logging in on a new machine will now require one of these physical keys to be present; without the key, an attacker cannot get into your account as easily. (There are still ways, such as session hijacking, but these are not as easy or common for most people.)

If you do not want to go as crazy as this with a hardware key, get a password vault such as Dashlane, 1Password, NordPass etc.

For ultimate security, I would recommend both. Use a password vault + a hardware key. This will honestly make your online life much more secure, and this is not as complicated to manage as one might think. The extra work is quite minimal, and the longer-term security benefits really outweigh the cons.