How to secure your online accounts

Ultimate guide to securing your online accounts: password managers, second-factor authentication and operations security.

Support me through Patreon: https://www.patreon.com/thehatedone

- or donate anonymously:

Monero: 84DYxU8rPzQ88SxQqBF6VBNfPU9c5sjDXfTC1wXkgzWJfVMQ9zjAULL6rd11ASRGpxD1w6jQrMtqAGkkqiid5ef7QDroTPp

Bitcoin: 1HkDxXAVDFhBHSyRjam5WW5uoY88sxn5qz

You need three things to secure your online accounts:
0) Password manager to generate strong and unique passwords
1) Second-factor authentication - the best option is NitroKey Fido or YubiKey, followed by USB or app-based 2FA one-time-passwords.
2) Good OPSEC - or operations security - without it, no tool can save you.

Sources and links:
OPSEC
https://www.amnesty.org/en/latest/research/2018/12/when-best-practice-is-not-good-enough/
https://ssd.eff.org/en/module/how-enable-two-factor-authentication
https://cpj.org/2019/01/cpj-safety-advisory-sophisticated-phishing-attacks.php
https://cpj.org/2019/07/digital-safety-kit-journalists.php
https://cpj.org/2019/09/digital-safety-remove-personal-data-internet.php
https://cpj.org/2019/01/digital-safety-using-security-keys-to-secure-accou.php
https://securityinabox.org/en/guide/malware/
https://arstechnica.com/information-technology/2018/09/british-airways-site-had-credit-card-skimming-code-injected/
What if you were phished https://www.forbes.com/sites/joegray/2019/09/16/5-critical-steps-to-take-after-being-phished/
Information security for journalists https://www.youtube.com/playlist?list=PLOZKbRUo9H_rhmlF5IrlT0jxCCJk_odLV

Tools [I have no affiliation with the following organizations]
Password managers
https://keepassxc.org/
https://bitwarden.com/

2FA apps
FreeOTP (iOS, Android) https://freeotp.github.io/
andOTP (Android) https://play.google.com/store/apps/details?id=org.shadowice.flocke.andotp && https://f-droid.org/packages/org.shadowice.flocke.andotp/
hint: both Bitwarden and KeepassXC offer 2FA TOTP

Security keys and TOTP on a USB
https://www.nitrokey.com..