- Password manager such as Bitwarden, generate long strong passwords for everything.
1a. Corpo SSO (By which I mean “log in with Google/Microsoft/Apple/Whatever”) nothing. - Hardware keys, MFA on anything that doesn’t support one.
- Degoogle, de-megacorp.
- Use Linux, stop the Stockholm syndrome that is Windows.
VPN shouldn’t even be in the top 10. The benefits are dubious at best and the jury is still out on whether it makes you more of a target or if you can trust ANY provider meaningfully.
Multi factor authentication is about having multiple factors for authenticating you:
Something you know (like a password) Something you have (with you - a hardware key, smart card or token) Something you are (biometrics, fingerprint, faceid)
So the idea is that you’ll have two points of identification.
But if you have your TOTP token and your generated password in the same password manager - that’s effectively only one factor of authentication.
If you’ve gotten this far you should probably consider a WebAuthn key like the Ubikey to be the “something you have”.
It’s all relative.
More private than Google or Meta? Hell yes.
Suitable for whistleblowers and journalists reporting war crimes? Nooooo.
But Jitsi you can run it yourself and you should.
Understand that the public instance is provided freely as an alternative to Google and Meta, and whilst I agree encryption should be the default - it does add overhead for something probably running on donations.
For me it’s that they needlessly centralise the internet, and that’s their goal too.
Suddenly one data centre goes down and the whole internet will too.
And data centres do go down, one of Google’s most recent outages happened in an entire region and they were unable to badge into the building because that also relied on Google infrastructure.
I have a pseudo domain that has none of my info on it.
It’s something along the lines of “thisisspam.com” that forwards to my personal email accounts.
The point is, since I and not the service control my addresses I can take them anywhere.
You dont need any commercial VPN provider unless you’re a persecuted minority or under a strict government regime, get off them.
You can’t verify that any of them actually comply with their no log policies and all they’re doing is aggregating people who have stuff to hide onto it.
And especially not fucking Windscribe.
And VPNs are always slow, hence not using them unless they’re required.
Theres plenty of good reason to keep your alias provider separate from your email provider.
The first being you can lift and shift to another email provider very easily.
Secondly if something happens to your account you don’t lose the lot.
Thirdly, just get a domain with alias provider and it matters not what email provider you use ever.
Bullshit.
The enemy I don’t know has a long history of human rights abuses, persecution of minorities and espionage. And your data will become a weapon in the event of a world war 3.
Calyx has absolutely no Google login required for it, no wall of text EULA or privacy policy due to there being no online conponents. I don’t even have a Google account. Whereas stock android you need a Google account to use it. Not to mention reinforcement of security via firewalls, Tor and sandboxing.
Firefox and uBlock.