Digital Identity

Online Identity

Creating a consistent online identity across web platforms is essential for being recognized on the internet and developing a strong brand. Using the same unique, well-thought-out username and a high-quality profile photo across all platforms is critical for individuals. It signals to other people that you are professional and care about the work you publish online.

Username

A unique username helps with tagging, sharing, and searching, and makes creating new accounts easier. To create a unique username, try username candidates on different platforms to see if they are available. Then, search for the username on search engines to see if it is already in use or has other meanings. Favor shorter usernames that are easy to pronounce, understand, and remember; avoid numbers, special characters, and ambiguous names. For example, my username, jaantollander, is based on my first and last name. If you have a common name, you will have to be more creative to make a unique username.

Profile Photo

We form an immediate visual impression of a person based on their profile photo. We can control our appearance by using an intentional, high-quality profile photo. Find a professional photographer to take the profile photo in good lighting against a white background. In the photo, you should have a light smile, a shirt, and a haircut consistent with your style. Let a professional also edit the photo with software such as Lightroom. Finally, crop the image to a square, because square images work best for online profiles. The square should contain your face from below the neck to above the head, leaving margins around the head.

Email

Emails have two purposes: security and communication. Here is how to set up two separate emails to tackle both of them.

First, we create a Protonmail address as our secure email. Protonmail is a secure, encrypted email service. We use the secure email for registering accounts and as a backup email for resetting passwords. We should open the secure email only when we need to use it and otherwise keep it logged out. We should also keep the secure email address private to avoid targeted attacks like phishing.

Second, we create a new email address as our communication email. I use HEY, a modern email service designed for productivity, but a second Protonmail address also works fine. We use the communication email for all personal and business communication and for receiving email notifications and newsletters. Since we want to keep the communication email continuously open to receive and read messages, we should avoid registering security-critical accounts to the communication email. I recommend watching Take a tour of HEY, where Jason Fried, the company’s CEO, explains all the unique features of HEY.

Password Management

Everyone should use a password manager for managing user credentials such as usernames and passwords. Password managers improve security by enabling the user to generate, use, and manage strong, unique passwords instead of reusing similar, weak passwords. We should also use two-factor authentication for all security-critical services. Many online password managers have a two-factor authentication application and allow backup. You must register your online password manager to your secure email. I recommend using LastPass as an online password manager and LastPass Authenticator for two-factor authentication.

Next, we need to create strong and easy-to-memorize master passwords for the password manager, email, and operating system. We can use the password generator in LastPass to generate pronounceable, lower-case-only passwords that are at least 16 characters long. If needed, we can modify the generated password by adding numbers, upper-case characters, or special characters. Pronounceable passwords are easier to memorize and type. Now, we need to memorize the master passwords. One method for memorizing is to create an encrypted container, such as a KeePass database, protected with the password and to periodically recall the password from memory by opening it. It typically takes a couple of days to memorize new passwords. Once you have learned the password, you can use it for the intended service. KeePass is a free, open-source offline password manager. Linux is supported using KeePassX and Android using Keepass2Android. To share a KeePass file across multiple devices, you need to use a cloud storage service such as Dropbox.
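
As an added example (not from the original post, and not the algorithm LastPass uses), the following Python code generates a pronounceable lower-case password of at least 16 characters from the operating system's CSPRNG and compares its entropy with a fully random lower-case string. The consonant-vowel scheme, the alphabets, and all function names are assumptions made for this illustration.

```python
import math
import secrets
import string

# Constructed alphabet for this example: 18 consonants (q, x, y left out) and 5 vowels.
CONSONANTS = "bcdfghjklmnprstvwz"
VOWELS = "aeiou"

def pronounceable_password(length: int = 16) -> str:
    """Lower-case password alternating consonant/vowel, drawn from the OS CSPRNG."""
    if length < 16:
        raise ValueError("use at least 16 characters")
    return "".join(
        secrets.choice(CONSONANTS if i % 2 == 0 else VOWELS) for i in range(length)
    )

def pronounceable_bits(length: int) -> float:
    """Entropy of the scheme above: consonants sit at even indexes, vowels at odd."""
    n_consonants, n_vowels = (length + 1) // 2, length // 2
    return n_consonants * math.log2(len(CONSONANTS)) + n_vowels * math.log2(len(VOWELS))

def random_lowercase_bits(length: int) -> float:
    """Entropy of a uniformly random lower-case string of the same length."""
    return length * math.log2(len(string.ascii_lowercase))

def length_to_match(target_bits: float) -> int:
    """Shortest pronounceable length (from 16 up) whose entropy reaches target_bits."""
    length = 16
    while pronounceable_bits(length) < target_bits:
        length += 1
    return length

def add_extras(password: str, count: int = 2) -> str:
    """Optional step from the text: insert digits or special characters at random positions."""
    extras = string.digits + "!#%+-_"
    chars = list(password)
    for _ in range(count):
        chars.insert(secrets.randbelow(len(chars) + 1), secrets.choice(extras))
    return "".join(chars)

if __name__ == "__main__":
    pw = pronounceable_password(16)
    print(pw, f"{pronounceable_bits(16):.1f} bits vs {random_lowercase_bits(16):.1f} bits random")
    print("length to match random 16:", length_to_match(random_lowercase_bits(16)))
    print(add_extras(pw))
```

Under this constructed scheme, the pronounceable form trades entropy for memorability at a given length, so treat 16 characters as a floor and prefer longer master passwords.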

You should avoid using your phone number and text messages (SMS) for authentication or password recovery. Phone numbers are vulnerable to attacks and to social engineering against your telecom provider. Also, attackers can fake the sender of an SMS message so that it seems to come from a trusted source in an attempt to phish your credentials.

If you want to understand why cybersecurity matters, I recommend listening to Darknet Diaries, by Jack Rhysider. It is an addicting podcast about cybersecurity stories covering topics such as hackers, breaches, APTs, hacktivism, and cybercrime. Furthermore, Krebs on Security, by Brian Krebs, is also an excellent resource for cultivating computer security and cybercrime awareness. His blog covers breaches, hacks, and other developments in cybercrime.

Virtual Private Network

We can further improve privacy and security by using a virtual private network (VPN). A VPN hides the device’s IP address by routing the traffic through one of the provider’s servers and encrypts the communication between the device and the server. Encryption improves security when we are using public networks. VPNs also allow circumventing geoblocking by selecting servers located in different countries. When choosing a VPN provider, we need to pay attention to the company’s policy and the country’s legislation. For example, the policy should state that the provider keeps no logs of traffic and allows peer-to-peer traffic. I am currently using Private Internet Access, a cross-platform VPN service.

Disk Encryption

Many people might falsely believe that their computer’s password protects their data and files. However, the operating system password protects against unauthorized network access, but not the data on the computer’s hard drives. In other words, an outsider could access your files by removing the hard drives and connecting them to another computer. However, we can secure the hard drives’ data by using encryption. Without knowing the encryption key, the outsider could access only unusable encrypted data, not the actual files. We can use a disk encryption utility to set up full disk encryption or to create virtual encrypted disks. As a word of caution, as with all encryption, if you lose your encryption key, you will lose all your data!

Full disk encryption is suitable for portable devices such as laptops and thumb drives, which are easily lost along with the confidential information on them. The benefit of full disk encryption is that it encrypts all data on the device automatically. However, the downside is that encryption requires computation, which decreases performance for I/O-heavy operations.

Virtual encrypted disks are technically easier to use and suitable when fully encrypting hard drives is not feasible for technical or performance reasons. Disk encryption utilities create them as binary files that contain the encrypted data. When mounted, they act in the same way as regular disks, in which we can store confidential files. There is a performance decrease only when operating inside the encrypted disk.

I use VeraCrypt, an open-source disk encryption utility, which supports full disk encryption and virtual encrypted disks.

Instant Messaging

These days, a large part of our communication happens via instant messaging. Most of us regard our messages as confidential, and we would not want third parties such as hackers, nation-states, or even the platform itself to access our messages. Therefore, it is critical to choose a platform built with security-first principles and whose developers are driven by these values. I recommend Telegram, a free and secure cross-platform instant messaging application.
