I had planned to tighten up a few things on the security front since I didn’t want to become that guy. Tonight happened to be the night. So here are three things you
should must do now to secure your online self. And how.
Google Authenticator enables two-step verification
This means that you have to sign up with our passwords as normal, plus a secure code that’s delivered to your phone.
- Download android or iphone app (this is optional; if you don’t want an app you an have the code delivered via SMS)
- Set up two-step verification
- Learn to two-step while you don’t worry about someone hacking your google account and all linked accounts.
Authenticator is available for iOS and Android.
[Update 11/3/2011] Authenticator supports multiple accounts, so you can set up two-step authentication with any combination of tools that support it. Including: LastPass,WordPress, Dropbox, Amazon Web Services, Drupal, plus more. Yahoo and Facebook offer
This is it for the basics. However, there are a few other steps you should take. To continue, log in to your google account security center and click on “edit” next to “two step authentication”. Then:
- Download and secure your “backup codes“. This will let you log in if you lose your phone or phone number.
- Create “application-specific passwords” for apps that do not support two-step, such as syncing with your mac.
TunnelBear: be secure in public
Open hot spots are a easy to hack. If your connection is secure end-to-end (your browser will say “https”), then you’re safe. However, a lot of services do not secure the connection. To stay safe, you can easily create a secure tunnel with TunnelBear. The free service should work for most users; the more paranoid among us may have to shell out $5/mo.
TunnelBear is available for most platforms: Windows, Mac, iOS, Android
What’s this? You don’t think privacy and security are worth a cup of coffee? That’s ok, we got you covered: If you already have your (linux) server and tend to the geeky, use shuttle to tunnel to your server in no time.
LastPass for unique passwords
How do you remember all unique secure?! Well you don’t have to. We are big fans (some of us bigger than others) of how LastPass password manager integrates with your browser so you don’t have to remember any password. You can generate a password directly from LastPass or hop over to our home-grown random password generator.
LastPass is available for all modern browser as well as Android and iPhone. You can set up two-step authentication with Lastpass and Google Authenticator.
And remember: don’t link accounts. Now that you can keep unique passwords with LastPass, don’t link accounts unless you must.
Do you feel less insecure already? Leave us a note below.