Hello everyone! I wanted to share my personal approach to password management and online security. Over the years, I've refined my methods to ensure my online experiences are as safe and secure as possible, and hopefully, you'll find some of these insights helpful.
Password Generation and Management
I strongly believe in using strong, randomly generated passwords for every single website and app I register on. Each password I create is 16 characters or more, making them significantly more secure against brute force attacks. Instead of memorizing all these complex passwords, I use a password manager, allowing me to remember only a few key passwords, such as the one for my computer and, importantly, the password manager itself. This way, if one account gets compromised, I can rest assured that my other accounts remain secure.
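As an added illustration (not code from the original post), the following Python shows what "strong, randomly generated" means in practice: a generator backed by the operating system's CSPRNG, the entropy a uniformly random password of a given length carries, a rough brute-force cost estimate at an assumed guess rate, and a small reuse check of the kind a password manager runs over a vault. The alphabet, the 1e12 guesses-per-second figure and the sample vault are constructed for the example.

```python
import math
import secrets
import string
from collections import defaultdict

# All printable ASCII except space: 94 symbols (constructed alphabet for this example).
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Return a password drawn uniformly at random from `alphabet`.

    `secrets.choice` uses the OS CSPRNG; the `random` module is a Mersenne
    Twister whose output is predictable and must not be used for secrets.
    """
    if length < 16:
        raise ValueError("use at least 16 characters")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a uniformly random password: length * log2(alphabet_size)."""
    return length * math.log2(alphabet_size)


def brute_force_years(bits: float, guesses_per_second: float = 1e12) -> float:
    """Expected time to exhaust half the keyspace at an assumed guess rate."""
    seconds = (2 ** bits) / 2 / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


def find_reused(vault: dict) -> dict:
    """Map every password shared by more than one site to the list of those sites.

    A single reused password is the failure mode that lets one breached account
    cascade into others, which is exactly what per-site passwords prevent.
    """
    by_password = defaultdict(list)
    for site, password in vault.items():
        by_password[password].append(site)
    return {pw: sites for pw, sites in by_password.items() if len(sites) > 1}


if __name__ == "__main__":
    pw = generate_password()
    bits = entropy_bits(len(pw), len(ALPHABET))
    print(pw, f"{bits:.1f} bits, ~{brute_force_years(bits):.3g} years at 1e12 guesses/s")
    # Constructed sample vault containing one reused password.
    sample = {"mail.example": "correct horse", "bank.example": "Tr0ub4dor&3",
              "shop.example": "correct horse"}
    print(find_reused(sample))
```

Run it to see that a 16-character password from this alphabet carries about 105 bits of entropy, and that the reuse check flags the two sites sharing a password.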
From Proprietary to Open Source
I started with 1Password by AgileBits, but as my focus on personal security grew, I shifted to a decentralized, open-source solution. Now, I use KeePassXC on both Mac and Windows, along with KeePassDX on Android. These tools enable me to retain control over my data without relying on external servers, enhancing my sense of security.
Two-factor Authentication and Backups
To bolster security, I store my TOTP codes separately from my password manager, using a FOSS authenticator app from F-Droid for Android. I also use a mix of iCloud Keychain and Passkeys to facilitate secure and convenient access across my various devices. Keeping TOTP isolated ensures that even if someone gains access to my password manager, they would still face an additional hurdle. As a backup, I use a USB-C YubiKey, providing a physical token that stores my TOTP secrets securely, ensuring I have multiple safety nets if needed.
Enhanced Security with Key Files
For KeePass, I've implemented the key file security option. Unlike the password database, I don't sync the key file to the cloud. Instead, it's duplicated on each of my devices but kept local and discreetly named. This method prevents unwanted attention and ensures that my vault remains secure even if one of my devices is compromised.
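To show what the key file adds, here is an added Python example (not KeePass or KeePassXC code) that builds the KDBX composite key the way KeePass 2.x documents it: SHA-256 of the password, concatenated with the 32-byte key-file component, hashed again with SHA-256. It also reads the three documented key-file forms (raw 32 bytes, 64 hex characters, and the XML key file in its 1.00 Base64 or 2.0 hex layout) and writes a 2.0 XML key file like the one KeePassXC generates. Anything that is not one of those forms is hashed whole, which is what lets an arbitrary file serve as a key. The sample password and key bytes are constructed; in a real KDBX 4 database the composite key then goes through Argon2 or AES-KDF before the cipher key is derived.

```python
import base64
import binascii
import hashlib
import re
import secrets
import xml.etree.ElementTree as ET
from typing import Optional


def key_file_key(data: bytes) -> bytes:
    """Return the 32-byte key-file component for the given file contents."""
    if len(data) == 32:                      # raw binary key file
        return data
    if len(data) == 64:                      # 64 hex characters
        try:
            return binascii.unhexlify(data)
        except binascii.Error:
            pass
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        root = None
    if root is not None and root.tag == "KeyFile":
        version = (root.findtext("Meta/Version") or "").strip()
        node = root.find("Key/Data")
        text = re.sub(r"\s+", "", (node.text if node is not None else "") or "")
        if version.startswith("2"):          # 2.0: hex key plus integrity hash
            key = binascii.unhexlify(text)
            expected = node.get("Hash")
            if expected and hashlib.sha256(key).hexdigest()[:8].upper() != expected.upper():
                raise ValueError("key file hash mismatch: file is corrupted")
            return key
        return base64.b64decode(text)        # 1.00: Base64 key
    return hashlib.sha256(data).digest()     # any other file: hash it whole


def composite_key(password: Optional[str], key_file: Optional[bytes]) -> bytes:
    """Composite key = SHA-256(SHA-256(password) || key-file key)."""
    parts = b""
    if password is not None:
        parts += hashlib.sha256(password.encode("utf-8")).digest()
    if key_file is not None:
        parts += key_file_key(key_file)
    if not parts:
        raise ValueError("need a password, a key file, or both")
    return hashlib.sha256(parts).digest()


def make_key_file_v2(key: Optional[bytes] = None) -> bytes:
    """Write a version 2.0 XML key file around a random (or supplied) 32-byte key."""
    key = key or secrets.token_bytes(32)
    hex_key = key.hex().upper()
    groups = " ".join(hex_key[i:i + 8] for i in range(0, 64, 8))
    digest = hashlib.sha256(key).hexdigest()[:8].upper()
    xml = (
        '<?xml version="1.0" encoding="utf-8"?>\n'
        "<KeyFile>\n\t<Meta>\n\t\t<Version>2.0</Version>\n\t</Meta>\n"
        f'\t<Key>\n\t\t<Data Hash="{digest}">\n\t\t\t{groups}\n\t\t</Data>\n\t</Key>\n</KeyFile>\n'
    )
    return xml.encode("utf-8")


if __name__ == "__main__":
    kf = make_key_file_v2()                  # constructed key file for the demo
    print(kf.decode())
    print(composite_key("hunter2", None).hex())   # password only
    print(composite_key("hunter2", kf).hex())     # password + key file: different key
```

The two printed keys differ, which is the whole point: a copy of the synced database plus the master password is not enough without the key file that stays on the devices. The same logic shows the limit of the scheme: a device that holds both the database and the key file holds everything needed, so the key file protects the cloud copy, not a compromised endpoint.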
Conclusion and Recommendations
This combination of strategies allows me to manage my online security with confidence. For anyone considering a similar path, remember to:
- Use strong, unique passwords.
- Consider a password manager to handle complexity safely.
- Separate TOTP codes from your main password manager and consider a physical backup like a YubiKey.
- Use a key file for database encryption but keep it local.
- Regularly update your knowledge on security practices and tools.
Stay safe online!