Show more

Modern credential management – security tokens, password managers, and a simple spreadsheet:

infosec-handbook.eu/blog/moder

– there are no "secure" or "insecure" credentials as long as you don't define your own threat model
– use password managers to actually manage (not only store) passwords
– use a spreadsheet to keep track of the rest (SSH keys, GPG keys)

#credentials #password #management #infosec #security #cybersecurity #2fa #u2f #webauthn

"A free repository of customizable AWS security configurations and best practices"

asecure.cloud/

"What can I use to encrypt my Linux filesystem?":

– LUKS/LVM supports full-disk encryption (and optionally 2FA)
– ext4 supports folder-based encryption
– eCryptFS/encfs are outdated/unmaintained
– GoCryptFS uses modern crypto but leaks metadata
– CryFS uses modern crypto and hides metadata but is slower than GoCryptFS

Thanks to Mr. Schumacher from Magdeburger Institut für Sicherheitsforschung

#linux #encryption #crypto #fde #cryfs #encfs #gocryptfs #ecryptfs #infosec #security #cybersecurity

Show more
Social feed

This is a personal and private instance.