[SOLVED] need advice on best setup for hardware securing my pc operation

anaturelover

Distinguished
Jun 24, 2012
450
1
18,685
Hi,
I'm ready to up my security.
Here is what I think would be good; if you have a better solution, please tell me (without spending too much).
I don't like Authy because the mystery solver is out, vs. YubiKey, where the mystery solver is in the key.

1- Windows login
2- Password manager
3- Finance-related account and email

1 Win 10 x64
- It is said that this is the first thing you have to secure. I would use the YubiKey Windows login app with a YubiKey 5 no. 1.
https://support.yubico.com/hc/en-us...-Yubico-Login-for-Windows-Configuration-Guide

2 Password manager
I would pay the 10 dollars for Bitwarden and use the same YubiKey 5 no. 1 to authenticate it.

3 - Financial use: I would use a different YubiKey for this account and its related email. The financial app would then be protected by Bitwarden and a YubiKey 5 no. 2 hardware. Not all finance apps have FIDO 2, so I have to get a YubiKey 5 that is more versatile, using FIDO 1.

I would make a backup key for both, so it would be 4 keys, approx. 200 dol.


Do you see better solutions?
 

kanewolf

Titan
Moderator
What are you trying to protect against? Ransomware? Physical access? Friends and relatives?
What about theft of the entire unit?
 

anaturelover

Well, I'm not familiar with all the threats, but I understand that Authy has the mystery solver too, so it is less secure.
I live alone so no family problems; the threat is more like an external online hacker that would try to get access to my PC, emails and ultimately finance app.
 

kanewolf

Those risks are up to you. Don't do stupid stuff on-line and you will be at very low risk.
If you are actually a high net worth person, a ransomware attack is much more likely than anything else these days.
 

Ralston18

Titan
Moderator
I use Windows Security for day to day AV protection. Occasional runs of Malwarebytes (free).

I have strong and different passwords on all of the accounts that I access on line. Passwords are not kept on my computer nor managed by any software.

I have 2 factor authentication wherever available. The website either sends a code to my cell phone, emails a code, or even calls on the landline....

I set alerts on all accounts so I am notified of changes or transactions exceeding certain $ amounts.

As stated by @kanewolf, I am careful about what I do on line and pay close attention to any URLs that appear when the mouse cursor is hovered over a link.

My biggest fear is that someone will call and manage to panic a senior family member into giving away information. Or otherwise trick them into some form of slamming.

Unrecognized calls are all left to go to the answering machine.

Financial documents and bills are kept filed away. Spreadsheets do not contain full account numbers.

Right now I have a suspicious email in a folder. Email is supposedly a confirmation for a very high value ($1,000) order of video related equipment being sent from Amazon on my behalf to a named person in Florida. Claims my account (?) will be debited accordingly. There are a number of "problems" with the email. However, the things that I will not do are to call the numbers listed, click any links, or respond with an email reply.

I have already checked all accounts for signs of unusual activity. Just in case I missed some alert or other notice.

In the process of checking out the named person.... Afterwards - TBD.

You can probably do most of the same things that I am doing as are many others.

So save the $200.

Just my thoughts on the matter.

There are likely to be other thoughts and suggestions. I could well use them myself.
 
Solution

anaturelover

Hi, tx for sharing your thinking. Can you tell me more about that? I feel like I'm not aware of it.
Also, if you do not have a pw manager, omg, do you refer to a paper and type your strong passwords every time?
 

Ralston18

Paper and type as you say.

No password manager but I do have a password management process.

In the far past I used a "pattern" to help remember passwords. That pattern did not necessarily result in strong passwords and would rarely meet today's enforced standards for strong passwords.

For the most part, at any given time, I only need to remember 3 or 4 passwords for regularly accessed websites.

The other passwords are kept on an individual "cover sheet" in the applicable file cabinet drawer and account/website folder. Generally inside of a plastic sheet protector. Protects the information and makes it easier to find and/or get lost in the paperwork mix.

Nothing specific: Usually just a screen shot/capture of the Home page on which I print the username and password along with the effective date. If I change a password (which I do) then I simply strikeout the current password and print the new password below it. Plus the change date.

And the passwords might be misleading in some way. For example, there may be a certain character added somewhere within the password but not shown on the cover sheet. Although with 2FA I have moved away from any such deceptions. Mostly for my own sake and memory....

I also include a list or copy of "secret questions" and other related security information inside the sheet protector as well. Again usually just a screen shot with hand-written and dated edits.

Occasionally, if I am working on some problem or transaction there may be a series of logins for a few days. And most often when I change passwords and update account security and information.

But once completed, all just goes back into the file folder. Printouts, confirmation pages, etc..

Nothing depends on my memory or electronic storage of passwords. Family members know, if necessary, how the financial records are arranged and how to gain access to my/our accounts.

I also configure all accounts to provide me with notifications about any changes that are made to the account. And I use 2FA as available and applicable.

No summary pages or other combined listing of passwords. (However, that will be done and added to my off-site will. I am doubling down on my backup efforts.)

Other websites for gaming, recreation, browsing, research etc. - moot, not of concern, and no one will care. Passwords, if needed, are just jotted down.

No problem per se with password managers etc.. Think about the bigger picture.....