passwords

Differences

This shows you the differences between two versions of the page.

passwords [2019/08/14 08:02] – admin   passwords [2019/08/29 10:22] – neil
Line 10: Line 10:
   * [[passwords#Consider if biometric security is right for you|Consider if biometric security is right for you]]   * [[passwords#Consider if biometric security is right for you|Consider if biometric security is right for you]]
   * [[passwords#Wherever possible, set up two-factor authentication|Wherever possible, set up two-factor authentication]]   * [[passwords#Wherever possible, set up two-factor authentication|Wherever possible, set up two-factor authentication]]
 +  * [[passwords#Limit the locations from which you can log in|Limit the locations from which you can log in]]
  
 ====Use a unique email address, and a unique password, for every site and service ==== ====Use a unique email address, and a unique password, for every site and service ====
Line 84: Line 85:
 It may seem counterintuitive to write down all your passwords in one piece of software, but the [[https://www.ncsc.gov.uk/blog-post/what-does-ncsc-think-password-managers|National Cyber Security Centre's guidance]] is that the benefits outweigh the risks. It may seem counterintuitive to write down all your passwords in one piece of software, but the [[https://www.ncsc.gov.uk/blog-post/what-does-ncsc-think-password-managers|National Cyber Security Centre's guidance]] is that the benefits outweigh the risks.
  
-There are a number of different options to choose from.ย +There are a number of different options to choose from, depending on what features you want:ย 
-ย +  [[https://1password.com|1Password]]ย 
-My preference is [[https://1password.com|1Password]].ย +  [[https://keepass.info|KeePass]]ย 
-ย +  * [[https://bitwarden.com|Bitwarden]]
-See also [[https://keepass.info|KeePass]].+
  
 === If your password manager is cloud-based, assess their security model === === If your password manager is cloud-based, assess their security model ===
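Review bot: In the added list, the 1Password and KeePass lines have no `*` marker while the Bitwarden line does, so DokuWiki will render those two indented lines as preformatted text and not as list items. Suggest giving all three the same `  * [[...]]` form. The lead-in "depending on what features you want" would also be more useful with a word on which features distinguish the three, since the removed "My preference is" sentence was the only guidance on choosing one.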
Line 154: Line 154:
  
 See [[two-factor_authentication|two-factor authentication]]. See [[two-factor_authentication|two-factor authentication]].
 +
 +====Limit the locations from which you can log in ====
 +
 +If you can feasibly do so, restrict logins so that you can only log in from certain networks or IP address ranges. 
 +
 +If, for example, you always connect via a [[virtual_private_networks|VPN]], you could restrict logins to the IP address ranges used by your VPN.
 +
 +Someone who is not connected via the same network should not be able to log in, even if they know your username and password. If, however, the attacker is someone within your organisation, and has access to the same networks / IP address ranges, this control is likely to be ineffective.
 +
 +If you do this, you need to accept that risk that, if you cannot connect to your VPN, or if your VPN endpoint's IP address ranges change, you will not be able to log in.
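Review bot: In the last added paragraph, "accept that risk that" should read "accept the risk that". The caveat in the third paragraph covers only an attacker within your organisation, but in the VPN example the permitted IP address ranges may also be shared with other users of the same VPN, so the section should say that this control narrows where a login can come from and works alongside the unique password and two-factor authentication advice, not in place of them. Since the lockout risk is acknowledged, consider adding a sentence suggesting a fallback way to log in or to update the permitted ranges if the VPN is unavailable.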
passwords.txt · Last modified: 2021/07/06 09:26 by 127.0.0.1