Privacy & Security Changes You MUST Make (or get left behind)
HTML-код
- Опубликовано: 29 июн 2024
- Strong passwords, 2FA and simple "don't click on email links" strategies aren't enough anymore. All the changes in online security and the threats we face require a different approach. Here's what you need to know to win the security game in 2023. Get 20% off DeleteMe using code "ATS" at checkout: www.allthingssecured.com/try/...
▶ Do you live outside the US? Try this version of DeleteMe: international.joindeleteme.com/
Here are links to the other tutorials mentioned in this video:
✅ What is the "One Security Habit"? • The ONE SECURITY HABIT...
✅ How to Use Email Aliases: • STOP Giving Your Real ...
✅ How to use Burner Phone Numbers: • Use a VIRTUAL Phone Nu...
✅ How to use Virtual Addresses: • How to Hide Your Home ...
🔹🔹🔹What You Should Watch Next🔹🔹🔹
We've got a lot of great privacy- and security-related content here on the All Things Secured RUclips channel (although we admit we're a bit biased). If you're wanting to increase your online cybersecurity, here's what's next:
✅ How to be Invisible Online: • 9 Secrets to Be INVISI...
✅ What's the best 2FA key to use? • How to Choose the BEST...
✅ The BEST Free Security Tools Everyone should use: • FREE Security Tools EV...
🔹🔹🔹Help Support All Things Secured (Recommended Services)🔹🔹🔹
If you enjoy this kind of practical security and privacy content, one of the best ways you can help support this channel is by using these affiliate links to our favorite products and services. When purchasing through these links, you not only get the best available deal, the companies will also pay us a small commission. Thank you for your support!
✅ Recommended Password Manager: www.allthingssecured.com/yt/1...
✅ Recommended Identity Monitoring: www.allthingssecured.com/try/...
✅ Recommended 2FA Security Key: www.allthingssecured.com/yt/y...
✅ Recommended Secure Email: www.allthingssecured.com/try/...
✅ Recommended VPN: www.allthingssecured.com/try/...
*********************
Video Timestamps
*********************
0:00 - Online Security is Changing
1:09 - The BIGGEST Mistake
2:11 - Strong passwords + masked data
3:36 - 2-factor authentication + sandboxing
5:15 - Social media privacy + scrubbing online data
6:20 - I recommend DeleteMe (sponsored message)
7:10 - Phishing protection + family/friends protection
9:01 - Key takeaways
*********************
Hacks, data breaches and compromised privacy are becoming more and more common, so what can you do in the midst of all these changes to win with your online security? Here are four foundational security strategies that most of us already use and the important modifications you need to make.
#cybersecurity #onlinesecurity #onlineprivacy Наука
Ever since an account of mine was hacked back in mid-2022, I've been making it my best effort to be almost completely unhackable and untraceable online. I'm glad I found your channel among other channels who cover online security/privacy. You guys have helped me a ton!
So glad to hear it, Michael! I hope you don’t have to experience a hack again.
What channels do you recommend for someone starting out?
I googled my name and address and only came up with a 411 look up @@AllThingsSecured
These days we are encouraged to replace physical keys in their own home with passwords or access cards. Now we are told that we should replace passwords for online accounts with physical keys
I hope people will understand that nothing is full proof.
Good thing a channel like yours exists.
We always need to be updated.
Thanks so much.
Fool proof -
I have been in IT for over 35 years and my mantra has always been nothing is safe and everything is hackable. I have always "actively encouraged" family and friends to be IT security aware for their own benefit. This presentation is very concise, easy for the layman to understand and covers the more important points everyone needs to be aware of.
Well done ... I can now refer to this without sounding like a broken record. 😜
I took a degree in Stockton to secure myself and it’s a bachelor. I also know how to encrypt and decrypt anything. So. I’m so dangerous right now and nobody fights me online anymore even if I curse them
One of the things I do is put alerts on all my accounts....If someone logs in, i get an alert, if someone changes my personal info, i get an alert......If you don't have alerts setup, do it. Especially login alerts....those will happen even if someone does hack you. If someone logs in to your account, you will be notified immediately. If they change password, you will get alert........it's annoying but it is so worth it. I usually setup email and text alerts.
While that is very important, it too also has flaws. Session hijackings, like what happened to Linus Media Group and many other RUclipsrs actually circumvent the Login alerts as the session is considered as "already logged in". Great thing to have, but certainly shouldn't be used on its own.
Just found you this very day!!! Lucky me. Thank you for teaching us how to watch our own backs better and making it clear that we need to step up our game to be less vulnerable. I just watched 4 of your videos back -to - back and found MUCH in each one that I need to implement. That is all of this info I think I want to take in at this moment, but I DID share with friends, whom I believe will be grateful too.
Is there anything else you would add to this? I know I'm not covering everything here, so I'd love to hear your comments. And if you'd like to support me while removing your data online, use the code "ATS" when you sign up for DeleteMe: www.allthingssecured.com/try/deleteme-yt
yes
make a video on security question
like you made a video on how to set & remember a good passphrase
set custom security questions if possible
eg.
your 1st iphone ?
ans. Samsung S3
make it cryptic ($@m5ung S3)
that way big tech. , hackers , govt. will keep guessing iphone
you can make it harder by setting answer like cake but harder for you too
if not letting you set custom then don’t set obvious answers
eg.
your birth month ?
ans. 0ctumbur@ry
where did you study ?
ans. B3rmud@ Tr!@ngl3
(just examples not my answers)
Isolate tasks to different browsers.
I'm still paranoid about my facebook data getting leaked, even after deleting my account, since they still keep backup copies on their servers forever.
@@rorylisbon4723 Exactly. That's another form of sandboxing that can work.
How much does DeleteMe cost because Im sure its not free?
the best security is to not have personal information. never stay in a messaging group channel,disable messaging and notification if you can, never make information permanent, 3 months interval of deleting old password, separate email for every social media. never save cookies, have 2fa,sms, don't use password manager learn to type.. sandbox the entire computer or run it over VM.. while VPN/TOR good its better to run your own via cloud provider, take note of sites you registered so you can delete your account
I am still convincing my significant other that passwords in notes app is not safe. No luck at password manager yet.
Sheesh. The amount of time, money and effort to protect our privacy has us throwing our hands up in frustration.
I have my own domain. So what I do is make a new alias for each company I have to leave an email addres. It saved me at least once when I received a really good looking fake from my bank, but send to a generic account I use for unimportant things. As the bank does not kn ow that email, it could not have been them. It also is obvious if there is a hack. If I get an email to e.g. my bank email, then I know they are either sold my email (unlikely, as I live in Europe) or they have been compromised.
I have 250+ email adresses. Sure sounds like a lot, but I add them one by one and this is something I build over many years. Sure, it is an extra step I need to do when I get to buy from a new company, but it is worth it. It even makes me think "Is it worth the trouble?" and sometimes it is not.
Great information. Subscribed.
Set yout email reader to not automatically show pictures embedded in email. If there are senders you trust, set them individually.
All of those pictures contain trackers in their URLs and it lets the sender know you have looked at the email.
You know those emails that are blank until you dhow the picture attached? Those are sent to fish for active accents and it opens uou up for many different exploits
Awesome video. It's scary in a way to think of the future of personal information theft. My problem is I have numerous email accounts dating back to the inception of America Online. I'm now in the tedious process of deleting them all. Thank you.
Wow…that sounds mind numbing 😆
That’s what I have been doing or at least trying to do the last couple years. It’s so irritating how so many companies make it such a pain to delete accounts.
The worry about 2fa is getting locked out of accounts because you don't have physical device nearby.
Great Advice! Thank you very much for sharing.
Glad it was helpful!
I FINALLY got my spouse to use a password manager… and then 2022 happened. Can you guess which one she used? 😢
Lastpass?
Mines thinks they're too complicated...
Better Nordpass or Bitwarden
Oof
Ugh. Sometimes, I long for the days when tech wasn't so prevalent. It's tedious having to do all of this. Because nothing is 100% safe, certain things shouldn't be handled online.
I salute you so useful & helpful content looking forward your next video thanks Josh 🤩
My pleasure!
thanks josh i use my physical key for my accounts
Great job 👏
Consider kevin mitnicks book on being invisible online, good read
I have multiple e-mail address, burners phone, multiple fake social media accounts, mutiple banks acoount under different names, different passports and and driver's license under different names, multiple home addresses, multiple social number. What else can I do to protect my privacy?
Flipphone.🎉😂😅😊
Good info for protecting user access to their accounts. Now if we could get the organizations that house these accounts to protect their databases better against hacks.
Agreed, although I try to give them a slight bit of grace because it’s a constant game of cat and mouse, not to mention trying to keep track of your weakest employee link.
Thanks for all of the vids, tips and work. I was wondering if any chance of doing a video comparing the new privacy, decentralised and privacy focused messaging apps like Secretum, Damus etc?
I’ll look into it. Thanks for the suggestion.
Make an video no how to secure a physical thing
Eg :- like a key 🔑 wallet 🪪 and a piece of paper with password info !
Waiting for this video 😊
So, you mean do a video about having an actual safe in your house?
A puece of paper seems to be the way
i bought my yubi key over 3 years ago and parked them. After learning about sim swapping, i am bringing them out
Do you know how we can use yubi keys to protect wordpress?
Thx
Hey Josh Have you ever investigated security of third party Keyboard apps? Love your videos too
I generally discourage anybody from using 3rd party keyboards. What’s your purpose for using them?
Can add LTT to the list of hacked yt accounts as of this morning 😮
I’ve been thinking about going back to using a burner phone.
Not hard to do.
I didn't know a phone number is associated with a Twitter account. It's probably required as an added layer of security, but I see it as an added layer of insecurity - giving up personal data.
Exactly.
@@AllThingsSecured FYI, I don't have a phone number! :) My wife has a landline tho.
You should review Skiff
I will eventually.
@@AllThingsSecured aren't you doing paid promotions for Proton?
What options exist in Canada to 'mask your data' - services you mention for virtual addresses and credit cards don't seem to exist or service Canadians.
The current ransomware attacks due to an old and well-known VPN flaw proves that many companies don't invest enough time in security, and yet they expect us to put our trust in them. Your twitter mention is a case in point. China probably has hackers working 24-7 trying to break into systems worldwide. It's the cases we don't know about that are probably the greatest threat. State-sponsored malware has been around for quite some time, and has always been difficult to detect and defend against.
I agree, but you also need to remember that even when companies invest in security, it’s often no match for the constant state-sponsored attacks.
@@AllThingsSecured I remember when they discovered Stuxnet in 2010. Who knows how long it been operating. There quickly followed the unmasking of around half a dozen more...all state-sponsored.
Would you save generate and backup codes or just use 2 or more physical keys?
If you save the backup codes securely, it’s pretty much the same.
My Facebook is locked because 2FA CANT BE ACCESSED PLEASE HELP
for 2fa why not have a live person call you to give you the security code but have them ask you a security question that only you would know then give you the code once that security question has been answered for even more security? or for 2fa why not do this? when companies want to implement 2fa why dont they use the hardware yubikey that the companies pay for to send to each and every customer?
Same reason companies only offer SMS 2FA. Because every man, woman, other and dog will understand it. They are playing to the dumbest common denominator. Send everyone Yubikeys and 75% of the customers are going to be calling them for help with it every other week.
Watched the video, I don’t have computer skills so I went with, I just give up.
With the advent of Face ID is there still a need for a Yubikey?
No, it’s different forms of 2FA.
sorry little off topic here. is the yubikey 5ci the best choice for use for someone on an ipad 80% ($249 standard model) & imac 20% of the time?
Yes but buy multiple keys for backups
In this case, the Security key USB-C would work just as good, and it’s significantly cheaper.
Do you think it would be a good idea of using a VPN like ExpressVPN but also using Cloudflare DNS server at the same time, instead of the ExpressVPN one?
Absolutely. No harm in doing that at all.
How do you handle shipments of products to the home?
I’m not a good example. I live overseas, so I send all packages to my virtual address.
Most the Big companies have drop locations you can use rather than your home, i.e. UPS Stores for one. Walgreens will receive FedEx packages, etc. And most have locker locations including Amazon. 😊
I have to use a public wifi when I get to work, the building blocks the cell signal. What are my options??
Yikes. Sounds like you don’t have many options.
This is one of the few cases where a VPN can actually help you.
To make sure you don't get scammed by the fake "I'm in trouble and need money abuse" ask yhe sender a question that they'll easily be anle to answer.
Make it a question that is very unlikely to be public knowledge or something on their Facebook or other social media page.
If they can't answer it, you are very likely dealing with a scammer.
Thank for this video! My YT was hacked and destroyed :/
I’m sorry to hear that.
@@AllThingsSecured Thanks , this and your tips made me smarter now! :)
@@AllThingsSecured Have a fantastic day and please keep up a good wwork!
If I have Delete Me, do I need an id theft protection company as well?
two very different services
Which is the best free authenticator app?
Google Authenticator is good and I e used Authy in the past.
❤️❤️❤️
Thanks!
I'm still using 1Password 6. I didn't want my passwords going to the cloud.
I do not want anything ever going to the cloud, ever. I did not ever sign up to cloud associated with my iPad .
Fairly sure the "secure" USB is not going to be secure against any form of a moderately skilled attacker. Even discounting a straight hardware clone of the storage - which is incidently really easy on a USB device - I really doubt the software acting as a firewall between USB mounting and a system it is connected to, is attackproof. And if it isn't, an enormous array of options comes into play ranging from cloning the data to enable infinite physical password attempts to a full virtual machine pretending to be the keys of the device.
At that point, you would need 50 digit passwords to hold out even for an hour.
What secure USB are you talking about? If you mean the Yubikey shown in the vid, that is not a storage device. It's a dedicated security chip with a USB interface. You're not cloning a Yubikey.
@@sothere1 The Secure USB in the video is one which has a little keypad controlling the USB controller. It can be attacked easily. Nor is your idea that Yubikey is not "cloning" the least bit realistic.
You can't clone a yubikey to another yubikey - but there is no physical way to prevent a straight content rip even though this involves physical access to the underlying memory.
The only issue I see with a lot of this videos and content is that some services are only available in the US. This leads most of the times to not be able to clean your public data and records anywhere... We all need to start over and gain our online privacy as much as possible... Thanks for this videos and its contents!!!! Some services should start being "worldwide" instead of only US.
Which services are you referring to? DeleteMe offers international service, aliasing is global and virtual addresses are everywhere.
Shall take a look at DeleteMe. But here In the UK hard to get Virtual, Cards, Address and Phone without spending alot.
@@AllThingsSecured deleteme says on its pricing: "U.S. residents only."... So its not international because only US residents can apply. :)
@@notknownguy as mentioned: DeleteMe says on its pricing: U.S. residents only. And I am not a US resident... If its global this should be removed. Maybe the service is global but they only allow US residents...
Srry like RUclips or somone was blocking me frm making a comment WTH a vpn on!!
Instead of massively shielding ourselves to be hiding in a cocoon why is there no measures to seek out the perpetrators?
I can follow most of what you say but some is over my head. Hiding your address for instance is impossible if you want home deliveries.
Recently my health insurance company had data stolen and now I'm being bombarded with spam. It is impossible to give them fake details and expect a service.
It seems to be really and ultimately safe you shouldn't use the internet.
It’s frustrating, I know. Unfortunately, because a lot of the problems come from international attackers beyond your country’s jurisdiction, shielding yourself is one of the only options.
So its turns out Delete me is only available to USA and NOT the UK
Try international.joindeleteme.com
but I love social sharing 😮💨
👍🏻
🙏
I see the value in all of this, but at some point I think that we are becoming a person who spends more time securing themselves instead of actually using the internet.
Just like if you have a home, yeah you can put up a 10ft wall, security cameras, a moat. Get more and more secure, but at what point are spending more time securing yourself instead of enjoying the home?
Even so, I agree that a lot of this is basic, and should be done. Like minimizing your digital footprint. Scrub you public data, Do 2FA.
But multiple email accounts, a front phone number, bothering your friends and family, ect. It becomes a lot.
Yeah, if you're a high value target, sure do all you can. But it takes a lot of time and effort.
Thoughts?
Yea, I get it. And of all the security/privacy channels I watch, I tend to be the least “fanatical”. This is hardly overboard, I’m simply challenging people to really think about what they need to secure before it’s too late.
And I’m not saying that your family needs to do the exact same, but if they’re not using 2FA, just understand that they pose a small threat for you.
Oooh I want a moat !!!!
Why can’t I leave a comment on youtube
I am hacked for surely
私は、MoreLoginのようなアンチディテクションブラウザやVPNを使用して、自分の真のIPアドレスを隠すようにしています
Damn talk about something interesting in 2023
What do you mean?
@@AllThingsSecured just my opinion so much going on regarding the recent security incident over the past few months but it very informative to say the least thanks lol
stop using the internet for any business stuff, go to the bank,go to the business etc., use the net to conduct business you get what you deserve
I use
1Password for my passwords
Auty for 2FA
Vpn surfshark