The most secure email service and other security advice.

in tutanota •  2 years ago 

In the past, I have been hacked. My cell phone cloned, my emails compromised. Nothing was stolen because I used a password protected Authy 2FA app but it was a scary day. This has forced me to find the perfect, most secure email service on the planet. I found it at www.tutanota.com. Tutanota has no password recovery, hence your account is only as secure as your password, which should be like this:
nzBYa8rGiCjxV8BNp^C/.uAPE&cxVyVbzpunVqm6MyiDcUa8erWHxuLJNGjWzdwN

Protonmail gets an honorable mention but be sure to turn password recovery off. Protonmail is in second place in my book due to lack of FIDO key 2FA and by using 2FA via an app. Protonmail also has too many features, one can get lost in it. And password recovery is turned on via default if you add a recovery email to it. Again, Tutanota has no password recovery service at all. Tutanota only offers one type of 2FA via a FIDO key. I use a Yubikey. You can get it here:
https://www.yubico.com/product/yubikey-4-series/
For $40 you can secure your email from any and all hacker attacks. The only way they'll get in is at the point of a gun. Tutanota does not offer 2FA via Authy or google authenticator because this is less secure, and hackable. For example, if you have a gmail account and use 2FA via a google chrome extension, all one needs to do is log into chrome with your gmail account and they have access to all your 2 factor codes. Hence, don't use gmail for any online accounts you want to be secure. Do not use any mainstream email services, i.e. yahoo, hotmail, aol, etc. Very insecure. One disadvantage (or advantage) to using a FIDO key with Tutanota is your emails will not be accessible on their smartphone app. At least not an iphone. I'm not sure about android phones. I think they accept FIDO keys.

Authy is the best 2FA app in my opinion. Password protect it with a strong password like above.

Use a password manager. Pay for this service. You want security, you must pay for it. 1Password was recommended to me by Andreas Antonopoulos. Your master password MUST be ridiculous. You'll have to remember it so maybe not as ridiculous as above. You can test the security of a password at https://howsecureismypassword.net/ but never put your real password in there, use other number/letters/characters but test the same length and such. The password above would take today's computers 6 quinquatrigintillion years to brute force.

Lock your cell phone account by asking your provider to put a social engineering block on your account. A social engineering block will force the service provider to take extra security steps when making changes to the account. This might cause an inconvenience when logging into your account or updating data and such. This inconvenience should be of no concern. When a hacker controls your phone number they can receive 2 factor codes via SMS, make calls to credit card companies, etc. Therefore, never use SMS for 2FA. If SMS is the only option for 2FA on an account, email them and tell them it's not secure. Never put your phone number on an email account. Tutanota does not even have an option for this.

In addition to backing up .dat files and such to an SD card, use a digital camera to backup private keys and other important passwords and passphrases. A camera that is not connected to any internet or bluetooth. Take pictures of keys/passwords. You can write them down, but you might not be able to read your writing. And printing them exposes them to a network hack. Backup/copy that sd card on a computer not connected to anything. Lock that sd card in a safe and/or store it in an alternate secure location, periodically updating it.

Use a different, new, separate (tutanota) email account for each crypto exchange account. Don't use this email for anything else. This advice is best for those not willing to use a FIDO key. But if you use Tutanota and a FIDO key, you can send everything there because it will never be hacked.

Always password protect every cryptocoin wallet. Always. That way if anyone were to ever get your .dat file, They'll never access it.

Use a different complex cryptographic password for every account/website. No matter what it is. From your beanie baby chat forum site to the password to your bitcoin wallet. And also use randomly generated usernames on any anonymous account. I don't intend to be anonymous here hence jcom3030 (cuz Deltron.)

And lastly, if you can help it, always pack heat, and keep a shotgun close.

Cheers!

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Correction, Protonmail does offer a 2FA app service. I prefer their 2 password mailbox decryption service with no password recovery. That is if I use them.

Congratulations @jcom3030! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 3 years!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Vote for @Steemitboard as a witness to get one more award and increased upvotes!