passwords
Differences
This shows you the differences between two versions of the page.
passwords [2019/08/10 08:46] – neil | passwords [2019/08/21 07:00] – neil | ||
---|---|---|---|
Line 10: | Line 10: | ||
* [[passwords# | * [[passwords# | ||
* [[passwords# | * [[passwords# | ||
+ | * [[passwords# | ||
====Use a unique email address, and a unique password, for every site and service ==== | ====Use a unique email address, and a unique password, for every site and service ==== | ||
Line 128: | Line 129: | ||
Depending on the outcome of your [[threat_modelling|threat modelling]], | Depending on the outcome of your [[threat_modelling|threat modelling]], | ||
+ | |||
+ | ===You cannot change your face or fingerprints === | ||
+ | |||
+ | You should use a different username and password for every account or service you use. | ||
+ | |||
+ | Clearly, you cannot do this for biometrics (well, not beyond 10, in the case of most people, when it comes to finger/ | ||
+ | |||
+ | Moreover, you cannot realistically change your face, if an insecure storage of biometric credentials is compromised. | ||
+ | |||
+ | |||
+ | ===Disable them in higher-risk situations === | ||
You might also decide to use these unlock mechanisms most of the time, but disable them for certain activities (e.g. for travelling across borders). | You might also decide to use these unlock mechanisms most of the time, but disable them for certain activities (e.g. for travelling across borders). | ||
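Review bot: The new section "You cannot change your face or fingerprints" opens with "You should use a different username and password for every account or service you use", while the existing heading shown in the first hunk says "a unique email address, and a unique password"; use one term in both places, or link back to that section, so the two statements of the rule match. In the paragraph starting "Moreover", the phrase "an insecure storage of biometric credentials" is awkward; "if a store of biometric credentials is compromised" reads more cleanly, and the comma after "face" can be dropped.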
Line 143: | Line 155: | ||
See [[two-factor_authentication|two-factor authentication]]. | See [[two-factor_authentication|two-factor authentication]]. | ||
+ | |||
+ | ====Limit the locations from which you can log in ==== | ||
+ | |||
+ | If you can feasibly do so, restrict logins so that you can only log in from certain networks or IP address ranges. | ||
+ | |||
+ | If, for example, you always connect via a [[virtual_private_networks|VPN]], | ||
+ | |||
+ | Someone who is not connected via the same network should not be able to log in, even if they know your username and password. If, however, the attacker is someone within your organisation, | ||
+ | |||
+ | If you do this, you need to accept that risk that, if you cannot connect to your VPN, or if your VPN endpoint' |
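Review bot: In the last added paragraph, "you need to accept that risk that" contains a typo and should read "you need to accept the risk that". The new heading says "locations" while the body restricts logins by "networks or IP address ranges"; consider wording the heading to match the body, since the restriction described is on the network a login comes from.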
passwords.txt · Last modified: 2021/07/06 09:26 by 127.0.0.1