Apparently it's Safer Internet Day.
So, here's my list for the average user:
1. Use a #PasswordManager
2. Use an ad-blocker whenever possible. (lots of malware comes from ads)
3. Turn on 2 Factor Authentication (a.k.a. 2FA, MFA) whenever possible.
4. If you see something outrageous, really think about that link, the source, the probable outcome and if you really need to expose your computer or mental health to that.
5. Back up your devices to non-connected media.
@0x56 @john_b Thanks! From what I understand, to breach into my iOS keychain you need to breach into my Apple ID. So if you are able to do that, my computer and iOS device technically belong to you now, so an external password manager is not providing an extra layer of security. Here’s Apple's summary of it: https://support.apple.com/guide/security/keychain-data-protection-overview-secb0694df1a/1/web/1
In any case, breaking into an Apple ID (or Google account, or Microsoft account) would clearly be a Very Bad Thing. I want to make sure that even if that worst-case scenario occurs:
(1) the attacker can't get access to the hundreds of passwords I have stored in my password manager and
(2) *I* can still access those passwords for my other accounts.
For me, that means using an external password manager (Bitwarden).