this post was submitted on 10 Nov 2023
65 points (92.2% liked)
Privacy
32165 readers
326 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
For normies it's easy:
Those three will make up for 90% of peoples bad habits.
Literally this. This is the answer.
Password manager is something I've been preaching but they seem to find it to much of a hassle. Set up Ubikeys for my MIL. Works like a charm.
Password Manager that is not LastPass lol
I would add: turning off telemetry, especially windows and other ms products
How does a password manager improve online privacy? Aren't you just centralizing all of your login credentials that could be hacked like a certain password manager was recently?
Use strong master password. Use a 2fa / passkey. Use reputable secure one like bitwarden or better a offline one like keepassXC.
Password managers are great tools that if used correctly can be very good but when you use them incorrectly it can go very wrong.
The main thing that they solve is week passwords, and passwords that are reused.
Keepass wiht my kdbx in a webdav share with basic auth is the tits. I can access and modify it remotely and it's easy to detect and block any bots/users who are snooping and trying to access the webdav share. After 3 years of using this setup I've only had a dozen hits on that directory out of the hundreds of thousands of bot requests.
For me the real value is that a good password manager makes it easier to not use "login with Google" for everything
Provided that your key store password can be made very strong, all the risk posed by having all your eggs in that one basket are, speaking from the perspective of an average computer illiterate user like my mom, far outweighed by avoiding the inevitable alternative of one password (or a family of derivative passwords) used across all services.
One extremely good lock is a step up from two dozen shitty ones if it's a cascade failure either way.