Phishing and Keyloggers are real threats
Your Gmail account integrity is the weakest link in you privacy stack. If a bad actor gains access to your Gmail it could end your career. A few venomously worded emails under your name could irrevocably damage relationships that you’ve spent years building.
I point this out because I suspect people typically do not consider all of the implications of being hacked. Depending on what is stolen and by whom, the consequences could be dire. It can change your life in ways that you cannot even begin to imagine.
The actual cost of a compromised Gmail account is difficult to calculate. It depends upon to what degree you rely on email correspondence to conduct business and socialize. Your email history is probably a treasure trove of comments that taken out of context could be embarrassing.
Your Gmail account can be used to subsequently gain access to other more secure services. Because email is still being used by many in the “I Forgot My Password” scenario, it is feasible that a hacker could learn what services you use (Twitter, Stripe, PayPal, or AWS) from your history. Knowing that they could then exploit a weak 2FA (Two Factor Authentication) by simply clicking on the Reset My Password link in your email inbox.
The tech savvy are now taking a new approach to securing their Gmail accounts; The Advanced Protection Program. This solution uses a physical key to lock down your Gmail, Calendar and G-drive contents (including your priceless photos).
Titan Security Key / Yubico and Waterproof Capsule
I hope you would consider using a Titan key to secure your Gmail account, it’s relatively inexpensive and easy to use. I also hope that you take care to protect your key from loss or physical damage (coffee spill or washing machine). Stay safe!
A new, shiny email key
because of the think
Keypad Encrypted USB Best Practices and Safety
Enter The PIN before inserting the USB into its slot. Do not enter the PIN while the Keypad Encrypted USB is connected.
Close all applications before hibernating, suspending, logging off or ejecting the USB device. This is an important step especially if you are using a software cryptocurrency wallet, KeePass or Key Quest Vault.
Put the USB Device back in its capsule when not in use. You should remember to seal the Capsule and store it in a safe place.
Make sure your are not being watched or recorded by a surveillance camera. Be aware of your surroundings and look behind you.
Do not plug the USB into a suspicious computer. Avoid using a computer that may be infected with Spyware. If you must use an unknown computer, boot from a Trusted Operating System, and use the Virtual Keyboard to enter passwords.
Do not use a found USB device. If a USB drive magically appears do not plug it into any computer. Curiosity killed that particular cat. Be cautious if your USB drive was out of your possession for any period of time.