More and more people rely on their smartphones not just for pleasure but for business as well. Some people even sleep with their phones because they cannot bear the thought of losing their valuable data, be it contacts, family photos or even banking apps. It is no secret that a lock screen with a strong password is the very first step, but that is not the aim of this guide. In this guide, we will talk about security options that keep your device safe from online hacks and attacks.
1. Normal Password or Better Two-Factor Authentication
Whichever app you use, whether it is for your bank or a government entity, always use two-factor authentication if it is provided. This adds an extra layer of protection that comes in handy not only when you want to reset your passwords: even if a hacker manages to find your username and attempts to reset the password, he will face a very difficult hurdle.
Beware of hackers and other malicious entities who use two-factor authentication to lure you into believing they are the real authority by showing that they can send you SMS messages. In reality, just about anyone can request a password reset text message if you have set up a phone number as part of your TFA.
2. VPN or Better Private VPN Server
Use a public VPN service to encrypt your internet connection, but beware of the many free services: a malicious hacker could set up a fake VPN service that snoops on all your traffic and may even be able to intercept your SSL connections through reverse proxies, or forward your requests to malicious DNS servers, which could lead to phishing attacks.
My unpopular but very powerful opinion is to have your own VPN server. Virtual Private Servers have become pretty cheap, some almost $5 per month, and you can easily set one up as your VPN server if you are willing to follow a few tutorials. If you are interested in such a tutorial, leave a comment below and I will write one. Anyway, this should be cheaper than most VPN providers on the market and completely within your control. As long as you do not offer your VPN server to the public it should fall under acceptable terms of use, but nonetheless check with your VPS provider.
3. Password Manager or Encryption App
Common advice is to use a different password for each service you use. Common advice is also never to store these passwords or write them down. Many passwords plus unreliable human memory is a very good recipe for disaster. Most articles on the web will then suggest a password manager, and will even recommend some wonderful PM app that you can rely on. But my advice is once again different.
Some of these password managers store your passwords in an online vault and hence need an internet connection, which is simply another possible backdoor. The most secure computer/server/mobile is the one which is switched off. I also always suggest not relying blindly on these password managers, as no one knows how they are storing your passwords and who has access to them. A good password manager will lock all your passwords behind a master password, but unlike the real world, where you can physically block access to a room with a key, this is not possible in software. You must use encryption, where the master password becomes the key that decrypts the encrypted data into the passwords for use. For convenience these password managers also automatically pick the password for you, which, like the internet connection, can be a potential security hole. Take the matter into your own hands.
I instead suggest avoiding password managers and finding novel encryption algorithms that only encrypt the data for you, do not send it anywhere and do not do anything automatically with it. Once a password is encrypted, you store the encrypted password on a device and tuck it away in a safe place. Only consult that device if you forget the password; do not use it for everyday use. This is the safest option, as even the most sophisticated hacker out to get you will cry his eyes out.
I am the developer of Dexacrypt; you can use it to perform the first step and encrypt any password, then copy that encrypted password onto a device of your choice: a phone, another computer, somewhere in your VPS or a file in an online drive. As long as only you know the encryption key and the location where you store your passwords, no one can hack them out.
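The scheme this section describes (the master password becomes the decryption key, and the encrypted record is stored offline) as an added example; it is not Dexacrypt's code and not part of the original article. It uses the standard scrypt and AES-256-GCM primitives from Node.js rather than a novel algorithm, and the function names, record layout and cost parameters are assumptions made for the illustration.

```javascript
const nodeCrypto = require('crypto');

// scrypt cost parameters (assumed values; raise N if the device can afford it).
const KDF = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Derive a 256-bit key from the master password and a per-record random salt.
function deriveKey(masterPassword, salt) {
  return nodeCrypto.scryptSync(masterPassword.normalize('NFKC'), salt, 32, KDF);
}

// Encrypt one secret offline. Output is base64 of: salt | nonce | tag | ciphertext.
function encryptSecret(masterPassword, label, secret) {
  const salt = nodeCrypto.randomBytes(16);
  const nonce = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(masterPassword, salt), nonce);
  cipher.setAAD(Buffer.from(label, 'utf8')); // binds the record to the service it belongs to
  const ct = Buffer.concat([cipher.update(secret, 'utf8'), cipher.final()]);
  return Buffer.concat([salt, nonce, cipher.getAuthTag(), ct]).toString('base64');
}

// Decrypt a record. Returns null on a wrong password, wrong label or tampered record.
function decryptSecret(masterPassword, label, record) {
  const raw = Buffer.from(record, 'base64');
  if (raw.length < 16 + 12 + 16) return null; // too short to hold salt, nonce and tag
  const salt = raw.subarray(0, 16), nonce = raw.subarray(16, 28);
  const tag = raw.subarray(28, 44), ct = raw.subarray(44);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', deriveKey(masterPassword, salt), nonce);
  decipher.setAAD(Buffer.from(label, 'utf8'));
  decipher.setAuthTag(tag);
  try {
    return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
  } catch (err) {
    return null; // authentication failed: nothing is released to the caller
  }
}

// Constructed sample values, for demonstration only.
const demoRecord = encryptSecret('example master passphrase', 'bank-app', 'hunter2-example');
console.log(demoRecord);
console.log(decryptSecret('example master passphrase', 'bank-app', demoRecord));
console.log(decryptSecret('a wrong passphrase', 'bank-app', demoRecord));
```

The record carries no key material, so its safety rests on the strength of the master password and on the scrypt cost; the random salt and nonce make two encryptions of the same password differ.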
4. Physical prevention of loss of phone or Better Emergency contact info & Find My Device
Losing a phone can literally be a life-ending scenario. A lost phone that ends up in the hands of a hacker is a treasure chest filled with all kinds of goodies. While there is no way to prevent losing a phone, as we are human, we have to focus on its cure or recovery. There are two options for recovery. The first is to add emergency contacts: open the About Phone section of your system settings, find and tap the line labeled "Emergency information" and add an emergency contact, such as a close friend, family member or significant other. The other option is to use Find My Device, which should be enabled from settings; as long as you're able to sign into your Google account, you'll be able to find your phone's last known location on a map and manage it remotely within a matter of seconds.
Conclusion
Above you will find some conventional and unconventional wisdom regarding your device security from an actual Android app developer. Although I suggest my apps for download, it is in no way simply to make money off of you or from some sponsor. I wrote this article to promote my app and to explain why it would be a better option than third-party password managers.