David and Katie review best security practices and discuss email encryption, VPN, password practices, data encryption, two factor authentication and more.
Thanks to MPU listener Jigar Talati for assistance with the shownotes this week.
Links for this episode:
In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.
Multi-factor authentication (also MFA, Two-factor authentication, TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two or more of the three authentication factors: a knowledge factor (“something the user knows”), a possession factor (“something the user has”), and an inherence factor (“something the user is”).
If you set up 2-step verification using SMS text message or Voice call and also want to be able to generate codes using the Android, iPhone or a Blackberry, you can use the Google Authenticator app to receive codes even if you don’t have an Internet connection or mobile service.
Get VIP Access to help protect your online accounts. VIP Access provides a unique security code that you can use in addition to your user name and password for safe and secure account access.
Two-step verification is an optional but highly recommended security feature that adds an extra layer of protection to your Dropbox account. Once enabled, Dropbox will require a six-digit security code in addition to your password whenever you sign in to Dropbox or link a new computer, phone, or tablet.
Using application-specific passwords
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet.
Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, e-mails, files, directories and whole disk partitions to increase the security of e-mail communications
GnuPG is the GNU project’s complete and free implementation of the OpenPGP standard as defined by RFC4880 . GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available.
GPGTools is a software collection that brings encryption/decryption and signing of e-mails and files, to you on your mac (for Windows use Gpg4win). The main goal is to bring OpenPGP – in the form of an easy installer package based on MacGPG – to Mac OS X.
FileVault 2 uses full disk, XTS-AES 128 encryption to help keep your data secure. With FileVault 2 you can encrypt the contents of your entire drive.
“Journaling” is a feature that helps protect the file system against power outages or hardware component failures, reducing the need for repairs.
Have you always wanted to love Evernote, but never really got it? I completely understand! I was in your same place for 4 years, but just recently saw the light. I want to share with you how I learned to love Evernote!
A virtual private network (VPN) extends a private network across a public network, such as the Internet.
The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates easily memorized domain names to the numerical IP addresses needed for the purpose of locating computer services and devices worldwide
It’s a jam packed show this week. We discuss alternative DNS services including OpenDNS and Google’s DNS service with special guest George Starcher. We talk about the advantages and disadvantages of using an alternative DNS service and compare the new Google DNS service with OpenDNS.
Please support our exclusive sponsor for this episode, 1Password.