A deep dive into Digital Security

Before we get to the technicalities, let me tell you a few stories that inspired me to write this article. This is going to be a long and worthwhile article. Sit back, focus and implement your own style of digital safety measures (if not done already)!


Anecdote 1

This comes straight from the victim and goes -

“My mobile, along with one other phone, was stolen almost 2 years ago in the late night or early morning hours from our PG hostel. The phone was switched off 30 minutes post the theft. After we understood that the phones were stolen, we were trying to call the mobile numbers in those phones. After many tries, a random guy picked the call and said that he found a thief with 4 / 5 devices and caught him because of his suspicious moves in a bus station. That person said that the devices are safe with him and that he’d hand over our devices the next day as he is travelling for a wedding and will be returning on the next day.

Convinced by his words, I have not blocked the SIM card since the process of getting a new SIM after getting the phone will be tiresome and time consuming.

Surprisingly in the night, I got emails from PhonePe mentioning a few transactions to random unknown numbers, that too PhonePe was activated on a different device (which was stolen along with mine from the same PG). In addition, he / they logged in to Flipkart on another device, and tried to place orders from my account, with my credit card (saved on the app). Fortunate enough that card had a different number registered and the payments failed since they did not get the OTP on the number which was with them. After understanding the clever moves by the thief, I have blocked the SIM card.

Did not get the phone and also lost money. The mystery here is that they were able to turn off my phone (had to unlock to turn it off), activate PhonePe on another device (had to have the last 6 digits of the debit cards). I suspect that they got access to my main device passwords and were able to find the card details stored on a notepad like app. Just plain texts stored.

As I was unsure about the level of accesses that thief / cyber criminal got, I have logged all my accounts out from that device. And when clearing the Passwords that are stored on the browsers, I accidentally deleted the cookies. Instantly I was thrown out of all logged in sessions. I lost access to my Instagram and Twitter, whose 2FAs were in MS Authenticator (locally without sync to MS account). Recovery codes were just a screenshot on the device with no backup of any kind.”


Anecdote 2

I saw a WA status from a friend that read “My LinkedIn is hacked. Please ignore any messages from me in LinkedIn.” When I asked him, I was told “The attacker got access to my email. He changed the PW, and the recovery methods and I am unable to recover my Gmail account. I did not enable 2FA on my LI and he got access to that. I’m not sure what all accounts he got access to.”


Anecdote 3

I have personally seen people writing all their login details, passwords, security questions and answers, in a notebook or a diary, carrying it everywhere they go. Those people live with sheer confidence assuming no one can steal or notice that book as if it is stored in a vault.

What if that book is lost? A nightmare that you cannot even imagine since all your digital vitals are in that.


Anecdote 4

And one friend proudly said “I have all my credit cards stored in my ‘Apple’ photos. No one can touch my device and steal that info”. That same person is using his birth date as the device’s main password and is using Google Keep to store his other accounts’ passwords and other vital information.

This attitude lasts until an attack happens to you.


Disclaimer

I am writing this blog from personal experience and from the experiences of people in my circle.

Great care has been taken

  • to put this blog in simple terms so that any non-tech person can understand it, and in plain, lighter language so that you will not feel a sense of tension or fear.
  • not to include any personal bias or the names of the individuals who were affected by the digital frauds / attacks.

If you think you don’t have any info to hide or valuables to protect or if you feel that your life is a no-secret-open-book, or no one can touch your devices, this is for you!


Let’s Go….

As many analysts, scientists and researchers say, Information is wealth. Data is the new oil. Companies keep mining for the data, crawl the web pages, ETL, manipulate, sell, train their models, and what not for their sole benefit. Likewise, the attackers / the organizations keep hunting for their prey in disguise. If you are ‘open’ or someone who is not aware of the scams / advancements in the tech, or if your systems are old or vulnerable, there are high chances of you falling for those baits or getting trapped without you knowing that it happened.

In order to protect yourself and stay digitally safe, you need to understand the psychology behind the attackers’ actions, what they want, what kinds of attacks happen, how they happen and the ways to avoid those attacks happening to you. While no one can ensure that you’ll be 100% safe, having a routine, habits or digital hygiene can at least help you dodge those bullets.

Here in this article, I will try to touch upon those topics to help you understand digital security, the importance of each component that serves you in this process, the costs involved, practices to follow, and finally, my recommendations for your digital safety. You can always dig more into these concepts or research and identify better alternatives as well.


The Psychology of an attacker - Motives behind the attacks

Human mischief in general comes in many flavors. Digital attacks, or cyber crimes, are one of them. Advancements in tech have added numerous resources to the fundamental intent of the attackers, increasing the speed, scale, and impact of the attacks. This behavior of the hackers originates from different roots in psychology, economics, sociology, and, on occasion, plain old nihilism. Let’s understand the reasons behind it.


1. Money

The main motive behind most of the cyber attacks is M-O-N-E-Y. Cybercrime is lucrative, low-risk, and has its wings spread globally. Low-risk because of the difficulty in tracing and identifying the parties involved. A single phishing campaign can reach a million people with near-zero cost. It’s a dark game of scale + anonymity + automation. The attackers often come up with justifications for their actions, such as “Corporations can afford this loss” or “The victims are careless.”

The digital distance between the war zone and the origin point of the war erases the empathy in the attackers’ minds. They will be behind the theatre-like-screens, not exposed to the battlefield. They will not know the emotions / pain / mental suffering the victims go through in case of any attack. For them, the victims are just numbers, not faces.

Criminal groups operate just like well-established businesses with payroll processing, customer support, HR for recruiting new attackers, and even KPIs for the employees. A ransomware gang today may resemble a mid-sized startup, just with fewer ethics and more cryptocurrency.


2. Power and Control

While most attacks in general are for money, some might be done for power. Attackers want the sense of bending the systems, organizations, or people to their will. Hacking provides a sense of “I can reach into your digital world and rearrange it.”

This desire for power and control might come about in different ways. People who are made to feel powerless offline in the physical world often seek power in online / cyberspaces. Systems are a puzzle for those who love challenges and problem solving. Cracking them appears to be a conquest. And a few of the attackers are driven by the idea of dominance, the same machinery that fuels cult leaders, bullies, and con artists.


3. Fame, status, and subcultural identity

No money is earned here. The pleasure comes from showing off the skill, from embarrassing the digital asset owners, and from impressing friends in underground communities. It’s mere attention-seeking mixed with ego and mischief. In certain hacker communities, notoriety is social capital. Reputation becomes currency. The more famous the hacker, the more the perks and the more the respect.

Humans crave belonging; some find it in productive communities, others in shadowy networks where the badge of honor is chaos. For them, exploiting the common man’s discovery (online presence) is prestige. Defaming the digital asset owners and making their mark on those assets is a thrill. Researching and releasing advanced tools, or a greater number of tools, is a contribution to their underground ecosystem.


4. Ideological zealotry (Fanaticism)

Some attackers are propelled by different ideologies and agenda like political, religious, nationalistic or any other. These individuals / groups are either Hacktivists (e.g., Anonymous group), or state-sponsored cyber units, or extremist groups weaponizing digital tools.

When a strong ideology enters the mix, morality becomes highly elastic. The attacker begins to see themselves as a soldier on a noble vision / mission.


5. Psychological gratification (the darker corners)

There are individuals who derive emotional satisfaction from manipulation itself. This covers enjoyment from using others as pawns, a craving for superiority and admiration, and a lack of empathy mixed with thrill-seeking games. For these people, the scam isn’t a route to the reward; the scam itself is the reward. Outsmarting the victim gives them a sense of existential triumph.


6. Boredom and nihilism

One of the most underappreciated motives is the existential boredom. Some attackers are young, brilliant, and disastrously under-stimulated. The world feels meaningless, boundaries are absent, consequences are abstract, and the internet becomes their playground. The damage is incidental; the fun is the point. This is the “chaos gremlin” profile. Digital vandalism gives life a splash of significance.


The organizational mindset (cybercriminal groups, scam syndicates, and state units)

Cybercrime groups behave like businesses, aiming for high ROI, scalable operations, a global labor pool, and easy laundering via crypto, with low legal risk due to cross-border jurisdiction gaps. They recruit talent, buy zero-days, and run help desks for victims paying ransom. It’s multinational capitalism without guardrails.

Inside a criminal organization, no one sees the full damage. Each role is compartmentalized. Responsibility diffuses and empathy evaporates. It becomes an assembly line of harm where everyone feels “I’m just doing my job.”

State cyber units may rationalize attacks in the name of national defense, patriotism, retaliation, or preemptive war. Individuals inside these organizations often feel more like soldiers than criminals.

Some scam syndicates (especially in Southeast Asia) operate like coercive cults with shady practices like indoctrination, isolation, rigid hierarchy, punishment for dissent. The psychology here is closer to organized crime than classical cybercrime.

Hacker organizations and institutions sometimes resort to extreme measures against their own members or rival hackers. These actions can include threats or even killings, often driven by internal disputes, betrayal, or competition. These actions reflect the high stakes and dangerous environment within cybercrime organizations.


What systemic forces make digital crime so attractive?

  • Low chance of getting caught (fewer than 1% of cybercriminals are prosecuted globally).
  • High automation = high scale.
  • Anonymous financial networks.
  • Poor digital literacy among users.
  • Massive gaps between countries’ cyber laws.

How does technology itself shape attacker psychology?

Digital distance dampens empathy. No crying face, no collapsing livelihood, no consequences. Just numbers on a dashboard. This leads to moral disengagement.


What early warning signs exist in individuals who later become cybercriminals?

  • Fascination with bypassing authority.
  • Escalation from harmless tinkering to ethically gray hacking.
  • Social alienation + high intelligence + poor mentorship.
  • Online communities that glamorize exploits.

What psychological vulnerabilities do victims share that attackers exploit?

This is crucial, because understanding the attacker is only half the equation:

  • Over trust in digital interfaces
  • Cognitive overload
  • Desire for convenience
  • Fear and urgency triggers
  • Poor cyber hygiene habits

Attackers design their scams around human weaknesses as much as digital ones.


How will emerging tech (AI, deepfakes, autonomous agents) reshape attacker motives?

Future motivations may include:

  • Automated profit-harvesting bots
  • AI-driven social engineering at scale
  • Personalized manipulation
  • Political destabilization via deepfake propaganda

The psychology of the attacker may shift from individual intent to algorithmic optimization: crime without human emotion.

With this understanding of the mindset of cyber criminals and their organizations, and of the reasons for cyber attacks, let’s slowly get into the concepts of digital security: what credentials are, what constitutes a strong or perfect credential, the importance of 2FA, regular backups and auditing, and finally, how to stay safe digitally. Keep reading for my suggestions on tools and practices.


Digital Security

Digital Security is simply the collection of habits, tools, and architectural decisions that protect your identity, devices, data, and presence in the vast and mischievous digital ecosystem. Think of it as the hygiene of your digital life, brush twice a day, but for bits.


Digital security today is about four intertwined layers

1. Identity

Your digital self: email accounts, banking logins, cloud drives, social profiles. Attackers love identity because it unlocks everything else, like impersonation, deepfake scams, … Protecting it means using strong authentication methods (passkeys, hardware keys, password managers), being mindful of phishing, and keeping recovery paths clean and updated.


2. Devices

Your electronic gadgets - smartphone, tablet, laptop, desktop computer, self-driving cars, robot vacuum cleaners, washers, dryers, basically any device that is connected to the internet, act like your small kingdom. A compromised device lets an attacker stroll through your kingdom’s streets. Device security now means automatic OS updates, disk encryption, avoiding shady apps, and using secure Wi-Fi networks. Even tiny details like disabling auto-run for USB drives or controlling Bluetooth exposure matter.


3. Data

Everything from your selfies to your source code to your tax documents sits somewhere on your machines, in the cloud, or in the hands of companies you trust. Data security is about encrypting sensitive stuff, minimizing unnecessary data collection, regularly backing up, and understanding where your information flows. Modern times add an important nuance “you’re not just securing your storage; you’re securing your behavior, what you click, what you share, what permissions you grant”.


4. Ecosystem

This is the subtle part people often skip. The digital environment is filled with interacting systems: apps talking to servers, browsers running extensions, IoT devices nibbling on your Wi-Fi, APIs requesting permissions. Security here means understanding the trust boundaries.

Not every device deserves to be on the same network; not every browser extension deserves your data; not every app should sync to every cloud. Not every screen needs to be transparent. And not every app deserves to be an admin on your device or to have access to your notifications, unless that is the core feature of the app.

Next comes the critical yet underrated part - the credentials.

  • What are user credentials?
  • What constitutes a credential?
  • What makes it strong?

What are user credentials?

Credentials are the tiny passports you carry around the digital multiverse. They’re the rituals you perform to convince a system, “Yes, it’s really me, and yes, you should let me in.” User credentials are the evidence a user provides to an application or system to prove their identity (authentication: who you are). Authorization is what you’re allowed to do once you're in. Identity is the front door. Authorization is the set of rooms you’re allowed to wander into.

The “credential” is anything capable of backing your claim that you are you. Historically, this began with a username and a password. Very medieval. Today, it stretches across biometrics, cryptographic keys, hardware tokens, and federated identities like “Login with Google.” Credentials form the heart of authentication. Without solid authentication, authorization collapses like a poorly made dosa.

Items that fall under this umbrella

Layer 1: email ID, phone number, username (unique random string), logging in with Third Party Applications like Google, Facebook, Twitter, GitHub, LinkedIn, …

Layer 2: password / passphrase / passkey / physical hardware key (might not contain layer 3 depending on the implementation).

Layer 3: 2FA / MFA - TOTPs, biometric, physical hardware keys (for TOTPs in case of banking apps)


What constitutes a perfect user credential?

To be honest, there is no such thing as ‘perfect’ when it comes to any real world object. All that we can have is ‘close to perfect’. In a similar way, a high-quality, near-perfect credential tends to have:


High Entropy

Entropy means randomness and unpredictability. A strong password or passphrase has high entropy. A cryptographic passkey has astronomical entropy. This is why machines are now better at being unpredictable than humans.


Non-Reusability

A good credential should be good only in the context it's meant for. Reuse is the original sin of security. If one breach opens a hundred doors, the design was flawed.


Phishing Resistance

A phishing site succeeds because the password does not care who it is being given to. It’s just text. If you're deceived, the password gets deceived with you. It’s like shouting your house key combination to anyone who asks, as long as they sound official. A passkey cannot be deceived this way, because it only responds to the original domain, whose servers store the matching public key, and not to the deceitful duplicates that have random or incorrect public keys. Because the private key never leaves your device and only responds to valid cryptographic challenges, passkeys are phishing-resistant and are treated as the modern gold standard.
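The origin binding described above, as an added example that is not part of the original article: a simplified JavaScript (Node.js) model of a passkey login, not a real WebAuthn implementation. The classes, the domains `bank.example` and `bank-example.test`, and the use of Ed25519 are assumptions made for illustration.

```javascript
// Added example: simplified model of passkey origin binding (not real WebAuthn).
// Class names, domains and the Ed25519 choice are assumptions for illustration.
const crypto = require('node:crypto');

const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// The authenticator (phone, laptop, hardware key) holds one private key per site.
class Authenticator {
  constructor() {
    this.credentials = new Map(); // rpId (site hostname) -> private key
  }

  // Registration: the private key stays here, only the public key is handed out.
  register(rpId) {
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
    this.credentials.set(rpId, privateKey);
    return publicKey;
  }

  // Login: the browser reports the origin it is really on; the user never types it.
  getAssertion(origin, challenge) {
    const rpId = new URL(origin).hostname;
    const privateKey = this.credentials.get(rpId);
    if (!privateKey) return null; // no passkey scoped to this site
    const clientData = JSON.stringify({ type: 'webauthn.get', challenge, origin });
    const signedBytes = Buffer.concat([sha256(rpId), sha256(clientData)]);
    return { clientData, signature: crypto.sign(null, signedBytes, privateKey) };
  }
}

// The website (relying party) stores only the public key.
class RelyingParty {
  constructor(origin) {
    this.origin = origin;
    this.rpId = new URL(origin).hostname;
    this.publicKey = null;
    this.pendingChallenge = null;
  }

  enroll(publicKey) {
    this.publicKey = publicKey;
  }

  newChallenge() {
    this.pendingChallenge = crypto.randomBytes(32).toString('base64url');
    return this.pendingChallenge;
  }

  verify(assertion) {
    const expected = this.pendingChallenge;
    this.pendingChallenge = null; // every challenge is single use
    if (!assertion || !expected || !this.publicKey) return false;
    let data;
    try {
      data = JSON.parse(assertion.clientData);
    } catch {
      return false;
    }
    if (data.type !== 'webauthn.get') return false;
    if (data.challenge !== expected) return false; // stale or replayed assertion
    if (data.origin !== this.origin) return false; // signed for another site
    const signedBytes = Buffer.concat([sha256(this.rpId), sha256(assertion.clientData)]);
    return crypto.verify(null, signedBytes, this.publicKey, assertion.signature);
  }
}

function runScenarios() {
  const REAL = 'https://bank.example';
  const LOOKALIKE = 'https://bank-example.test';
  const device = new Authenticator();
  const bank = new RelyingParty(REAL);
  bank.enroll(device.register(bank.rpId));

  // 1. Genuine login on the real site.
  const genuineAssertion = device.getAssertion(REAL, bank.newChallenge());
  const genuine = bank.verify(genuineAssertion);

  // 2. The user lands on a lookalike that passes along a fresh challenge from
  //    the bank: the device has no passkey for that hostname and returns nothing.
  const relayed = bank.newChallenge();
  const onLookalike = device.getAssertion(LOOKALIKE, relayed);

  // 3. Even with a passkey registered at the lookalike, the assertion names the
  //    lookalike's origin and comes from a different key, so the bank rejects it.
  device.register(new URL(LOOKALIKE).hostname);
  const relayAccepted = bank.verify(device.getAssertion(LOOKALIKE, relayed));

  // 4. An old, valid assertion is useless against a new challenge.
  bank.newChallenge();
  const replayAccepted = bank.verify(genuineAssertion);

  return { genuine, onLookalike, relayAccepted, replayAccepted };
}

console.log(runScenarios());
```

A password typed into the lookalike would have worked at the real site unchanged; here the only accepted login is the one performed on the real origin.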


Bound to a Device or Person

Credentials that rely on possession (your device), or inherence (your biometrics), or cryptographic pairs (private key stays with you) are much harder to steal remotely.


Easy for the User, Hard for the Attacker

“Perfect” credentials strike a balance: trivial for the legitimate user and nearly impossible for everyone else.


Revocability

If something goes wrong, the system must allow you to revoke, rotate, regenerate your credential without burning everything down.


No Shared Secrets

Modern systems move away from secrets that must be stored on both client and server. Passwords are shared secrets. Passkeys are not: the server stores only a public key. Shared secrets scale badly and leak disastrously.


The evolving ideal: Passkeys + Biometrics + Hardware Security

A practical "best credentials" stack in 2025 looks like this:

  • A passkey (public/private key pair)
  • Stored in secure enclave / TPM or a hardware key
  • Unlocked with biometrics or PIN
  • Bound to the website’s domain, making phishing nearly impossible
  • Synced across devices using encrypted cloud storage
  • With recovery mechanisms like backup keys or offline hardware tokens

This combination approaches real-world perfection because it blends cryptography, device possession, and a human factor.


Why is it important to secure your digital presence?

Digital security matters for the same reason a house needs doors: not because you’re hiding treasure, but because an unlocked space attracts trouble. The modern twist is that our “house” is made of data, identities, habits, conversations, devices, and sometimes money, all swirling across the internet in little packets of trust. Weak security lets strangers stroll through that space.

The need for strong digital security comes from three forces that quietly shape our lives now.


1. Centralization of identity

Your online identity has become the root key to your life. Email accounts reset every other account. Phone numbers can be hijacked. SIM cards can be cloned. Cloud apps hold documents, photos, tax files, and work credentials. Weak security here is like handing someone the master keyring to your entire existence.


2. Automation of Attacks

A decade ago, someone had to deliberately target you. Today, vast networks of bots scan the internet nonstop, looking for weak passwords, outdated devices, unsecured Wi-Fi, or sloppy habits. You don’t need to be “important” to be attacked. You just need to exist.


3. Interconnection

Every account connects to others. Every app holds permissions. Every browser extension touches your browsing. When one piece falls, it can cascade. Digital life is a web, and weak security snips at the supporting threads.

Let’s walk through what happens when security is weak. Not to scare you, but to show the real-world cost.

Identity theft is the obvious menace. If someone gets into your email, they can reset your bank logins, impersonate you, or lock you out of your own accounts. That’s the digital equivalent of waking up to find someone driving your car, spending your money, and wearing your face.

Financial loss doesn’t always look dramatic. Often it’s small leaks like fraudulent transactions, subscription abuse, or phishing that tricks you into sending money. Weak security lowers the friction for attackers; they don’t need your cooperation if they can simply break in.

Privacy erosion is slow and subtle. Poor security leaks data bit by bit: contacts scraped by malicious apps, browsing habits sold, location exposed through unsecured permissions. Over time, this builds a profile of you that companies and criminals can use for manipulation.

Reputation damage can happen through hacked social accounts. A malicious post or message sent from your profile can strain relationships or trigger real-world consequences, especially in a professional context.

Device compromise turns your phone or laptop into a puppet. Attackers can use your device to spread malware, mine cryptocurrency, spy on you, or join botnets. Even if you think “I have nothing to hide,” your device has plenty to offer to criminals.

If you run a business, loss of availability is another overlooked cost. Ransomware locks you out of your files. Denial-of-service attacks can cripple your business presence. Even a single hijacked account can be a headache measured in lost hours and compromised plans.

Strong digital security is important because digital life is no longer separate from real life. It’s the same life, just expressed through different channels. Your job, your finances, your communication, your creativity, your memories, all hinge on safe digital infrastructure.


| Risk (when security is weak) | Real Impact | How Strong Security Helps |
|---|---|---|
| Identity theft | Account takeover, financial loss | Strong auth, 2FA, unique passwords |
| Malware & device compromise | Data loss, spying, botnets | Updates, safe downloads, antivirus |
| Phishing | Money loss, credential theft | Behavioral awareness, link verification |
| Privacy drift | Tracking, profiling, manipulation | Permission control, trackers blocked |
| Ransomware | Loss of files, downtime | Backups, segmentation, updates |
| Social account hijack | Reputation damage | Strong authentication, recovery hygiene |

Digital security is not a fortress you build once; it’s more like a fitness routine. Small habits applied consistently make you resilient. The goal isn’t to be invincible; it’s to make yourself a very expensive and inconvenient target, pushing attackers toward easier prey.

The digital world grows denser every year. Good security keeps you nimble within it.


Methods & Practices to safeguard your digital life

The best practices for everyday digital safety form a kind of modern hygiene.

Use strong authentication everywhere. Passkeys where supported. Otherwise long unique passwords stored in a password manager. Add two-factor authentication using an authenticator app or hardware key. This step alone defeats the majority of common attacks. If you are very sure that you’ll not use others’ devices to log in to your accounts, you may use the “Sign in with Google” option. If your passwords are strong enough, there is no absolute need to change them unless they are breached.

Slow down, think and act during the sign-up processes as well. Store all the details in your password manager, including the backup codes, security questions and answers, and customer support contacts for recovery and other support. Prefer anonymous usernames if possible, unless it is some government website where sharing your original name is mandatory. You can use passphrases as those random usernames. If you’re an identity freak and choose to have a single username across all the platforms, you should pay even more attention to this security design and to regular audits.

Keep devices current. Automatic updates for the OS and apps. Updated browsers. Updated routers. Vulnerabilities are found constantly, and updates are the patches on your digital armor. Use privacy screen protectors if needed. Scan regularly for viruses or malware and fix on the spot.

Encrypt everything that can be encrypted. Phones and laptops now support full-disk encryption by default. Messaging apps like Signal provide end-to-end encryption. Cloud storage can be encrypted with services like Proton Drive or by storing sensitive files in encrypted vaults.

Be mindful of permissions. Every app wants something. Your camera, your contacts, your notifications, your location. Grant only what’s necessary and periodically audit what you’ve granted. Permissions are tiny tunnels into your life.

Segment your accounts and identity. Use separate emails and mobile numbers for banking, personal use, newsletters, and experiments. Don’t log in everywhere with your primary Google account. Reduce single points of failure.

Practice defensive browsing. Don’t click random links. Don’t download files from unknown sources. Disable unnecessary browser extensions. Use privacy filters like uBlock Origin. Treat QR codes like they’re enchanted scrolls: read before activating. Block trackers and optimize your privacy game on the browsers. Prefer DuckDuckGo as your search engine. Use Tor for extreme anonymity.

Secure your networks. At home, change default router passwords, use WPA3 if available, disable WPS, and consider a guest network for IoT devices. Avoid public Wi-Fi unless using a trustworthy VPN or restricting sensitive activity.

Backup like it’s a ritual. Follow a simple pattern: a local backup plus an online backup. Test your backups occasionally. Backups are the antidote to ransomware and “oops, I deleted everything.”

Be skeptical of emotional bait. Phishing works because it rushes you: fake urgency, fake fear, fake opportunity. Slow thinking is your shield. Pause before reacting. Never share personal details, routines or habits with any (online) friend. Your weaknesses can be used to trap you.

Pay attention to the domain names of websites and the changes or updates to them (like the recent bank domain name update in India).

Use a paid VPN from a trusted service provider who has the no-log policy and connect when you use public Wi-Fi. You’ll need it the most when connecting to P2P traffic (torrenting).

Regularly audit your email IDs and passwords on websites like HaveIBeenPwned. If you use a premium Password Manager, it does the heavy lifting.
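How a breach check can work without handing over the password, as an added example that is not part of the original article: the k-anonymity lookup of HaveIBeenPwned's Pwned Passwords range API, where only the first five characters of the password's SHA-1 hash leave the machine. The vault entries, the response body and the `fakeApi` stand-in are constructed so the code runs offline; the helper names are hypothetical.

```javascript
// Added example: k-anonymity password audit against a Pwned Passwords style
// range API. All sample data below is constructed; helper names are hypothetical.
const crypto = require('node:crypto');

// SHA-1 is only the lookup key the range API uses, not a way to store passwords.
function sha1Hex(text) {
  return crypto.createHash('sha1').update(text, 'utf8').digest('hex').toUpperCase();
}

// Only `prefix` is ever sent; `suffix` is compared locally.
function splitHash(password) {
  const hash = sha1Hex(password);
  return { prefix: hash.slice(0, 5), suffix: hash.slice(5) };
}

function rangeUrl(prefix) {
  if (!/^[0-9A-F]{5}$/.test(prefix)) throw new Error('prefix must be 5 hex characters');
  return `https://api.pwnedpasswords.com/range/${prefix}`;
}

// The response body is one "SUFFIX:COUNT" pair per line. Padded responses
// contain filler lines with a count of 0, which must not be reported as hits.
function countInRange(body, suffix) {
  for (const line of body.split(/\r?\n/)) {
    const [candidate, count] = line.trim().split(':');
    if (candidate && candidate.toUpperCase() === suffix) {
      return Number.parseInt(count, 10) || 0;
    }
  }
  return 0;
}

// fetchRangeBody(url) returns the response text. It is injected so the audit
// logic can be exercised offline; a real client would perform an HTTPS GET.
function auditVault(entries, fetchRangeBody) {
  return entries.map(({ site, password }) => {
    const { prefix, suffix } = splitHash(password);
    const seen = countInRange(fetchRangeBody(rangeUrl(prefix)), suffix);
    return { site, breached: seen > 0, seen };
  });
}

function demoAudit() {
  const requested = []; // everything the "network" gets to see
  const leaked = splitHash('password');

  // Constructed stand-in for the API: decoy lines, one real hit, one padding line.
  const fakeApi = (url) => {
    requested.push(url);
    const decoys = ['decoy-1', 'decoy-2'].map((d) => `${sha1Hex(d).slice(5)}:3`);
    const hit = url.endsWith(leaked.prefix) ? [`${leaked.suffix}:42`] : [];
    const padding = `${sha1Hex('padding').slice(5)}:0`;
    return [...decoys, ...hit, padding].join('\r\n');
  };

  // Constructed vault entries.
  const vault = [
    { site: 'mail.example', password: 'password' },
    { site: 'bank.example', password: 'correct horse battery staple 7!' },
  ];
  return { report: auditVault(vault, fakeApi), requested };
}

console.log(demoAudit());
```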


How to store your passwords, backup codes?

Your passwords should NOT be stored on a notepad / excel sheet / any note taking app, where anyone can open and see through all your details.

Use a password manager instead, and hide all the sensitive fields like the password, security answers, and debit or credit card PINs, just in case someone peeps at your screen while you use the app.
Sync the password manager to your cloud accounts. Have regular local + cloud backups and high availability for your password manager. This is a MUST.

The backup codes are the recovery mechanism if you lose your access to any of your accounts. They are not just random codes that you can throw away or save later when you have time or skip during the sign-up process.

Store them in your Password manager and an encrypted drive (on your computer or on cloud like the Box).

High availability, backups and the sync with your email accounts help you with account recovery even when your primary device has failed or is lost / stolen.

How, and how frequently, should you back up your data?

Think like a business to understand the importance of data backups. Businesses pay hefty amounts for storing the backups. Just for a fallback in case of failure / attack.

Backups are the antidote to ransomware and “oops, I deleted everything.” These will be the only hope to recover all your data with least to no loss of the latest data (delta) depending on your backup frequencies. Never neglect this step assuming that your devices are working fine or you are using them so safely. Anything can happen to the digital dust anytime. Stealing / device failure can risk all your data and the recovery methods sometimes will cost you a fortune.

Adjust your schedule to have a local backup to an HDD once a month / week, and schedule the cloud backups to a provider that offers encryption. Set reminders / track your digital habits in a habit tracking application. I would suggest having multiple backups locally to avoid a single point of failure.


Summary

| Aspect | What It Means Today | How You Achieve It |
|---|---|---|
| Identity Security | Protecting accounts, authentication, recovery paths | Passkeys, strong passwords, hardware keys, 2FA, clean recovery options |
| Device Security | Hardening laptops, phones, IoT | Updates, encryption, limited apps, secure networks |
| Data Security | Protecting stored and transmitted data | Encryption, backups, permission hygiene |
| Behavioral Security | Defending against social engineering | Skepticism, slow decision-making, phishing awareness |
| Ecosystem Security | Managing the environment around your devices | Network segmentation, extension audits, app permission control |
| Privacy | Reducing data trails and profiling | Trackers blocked, privacy settings, minimal sharing |




Verdict

Security Model: Uname + Password
Rating: 1 (5 highest)
Remarks: 2FA is a non-negotiable. 

Security Model: Ph. No. + OTP (or) Email + OTP
Rating: 1
Remarks: Have an alternate number that is not with the banks / other important websites.
There are services that issue temporary email IDs and Mobile Numbers for such websites. Use those when you’re sure you won’t need your history saved in those websites.  

Security Model: Uname + Passphrase / Password + MFA (SMS / Email OTPs)
Rating: 2
Remarks: The OTP destinations can be cloned and OTPs can be hijacked.

Security Model: Uname + Passphrase / Password + MFA (TOTPs)
Rating: 4
Remarks: Backup and Sync of this authenticator app is a Must. Otherwise, the 2FA will be gone if the primary device is lost / stolen.

Security Model: Sign in with Third Party Apps (Google, FB, LinkedIn, Twitter, GitHub)
Rating: 4
Remarks: Removes the need for storing passwords in each website that you have an account in. One account can get you into multiple supporting platforms.
But be careful when signing in with your Google / any account on others’ devices, as it has many other problems like contacts sync, staying logged in on those devices, cookies, …

Security Model: Uname + Passkey
Rating: 4.9
Remarks: The passkeys should be stored on multiple devices for recoverability of your account if the primary device is lost / stolen. Avoid SPOF.

My Recommendations

Based on my analysis and expert opinions combined:

| Product | Recommendation | Reason |
|---|---|---|
| Password Manager | Enpass (Premium) | Freedom to add multiple fields inside any entry (instead of limiting to just uname, PW). Apps for all OSs, integration for almost all browsers. PW audits, and many more to explore. Competitive pricing. |
| Password Manager | NordPass | If you use the Nord Family Services. |
| Authenticator | Anything is fine as long as you sync the 2FA codes to your cloud accounts. You may store the TOTPs inside your PW Manager as well unless compelled by the website / app to use another one. | - |
| VPN | Nord, Proton | Nord for speeds and peace, Proton can be an overall winner, comparatively. |
| HDD | Seagate | Competitive pricing. You can explore WD, Toshiba as well. |
| SSD | Samsung | Offers better build. |


If you have come this far, it means either I was able to draw and hold your attention :)
or your attention span isn't f'd up by the constant dopamine hit. Congratulations!


Cheers!

Praveen Reddy Marthala





