Links

Backups

CryptoParties

Browser Extensions / Add-ons

Devices / Hardware

Password Managers

1) Dedicated Service / Program

Browser Extensions/Add-ons, Two-Factor Authentication options, strong password generators, account based sharing, import/export:

  • LastPass – Remembers all your passwords, so you don’t have to.
  • Dashlane – Safe, simple way to store and fill passwords and personal information.
  • 1Password – Save your passwords and log in to sites with a single click. It’s that simple.

A file that is has to be saved and backed up manually, no sharing, Yubico only/limited/no Two-Factor support:

  • KeePass – Free, open source, light-weight and easy-to-use password manager.
  • KeePassXC – KeePassXC is a community fork of KeePassX, the cross-platform port of KeePass for Windows. Every feature works cross-platform and was thoroughly tested on multiple systems to provide users with the same look and feel on every supported operating system.
  • MiniKeePass – Free iOS KeePass client.
  • KyPass – Paid iOS KeePass client with Dropbox and Google Drive sync.
  • KeePassDroid – Free Android KeePass client.

2) Built-in Browser / Operating System Password Managers

No sharing! Requires use of a Sync service for automatic Cloud Storage/Backup. May not include a password generator, no import/export:

Diceware Passphrase Generators

Easier to remember/share; not all services/devices will accept passphrases, but when they do it is a great option:

  • Diceware Generator – Diceware is used to generate cryptographically strong passphrases.
  • passphraseme – A quick and simple cryptographically secure python script to generate high entropy passphrases using the Electronic Frontier Foundation’s wordlists, including their fandom-inspired wordlists.
  • EFF Dice-Generated Passphrases – Manual, In Real Life generation of passphrases using dice. most secure

Resources

  • Security Checklist – An open source checklist of resources designed to improve your online privacy and security.
  • EFF Surveillance Self-Defence – Surveillance Self-Defense: TIPS, TOOLS AND HOW-TOS FOR SAFER ONLINE COMMUNICATIONS
  • Prism Break – Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora. Stop governments from spying on you by encrypting your communications and ending your reliance on proprietary services.
  • privacytools.io – Provides knowledge and tools to protect your privacy against global mass surveillance.

Secure Messaging

  • Signal – Fast, simple, secure. Privacy that fits in your pocket.
  • ProtonMail – Secure Encrypted Email Based in Switzerland.
  • Keybase – Imagine a Slack for the whole world, except end-to-end encrypted across all your devices.
  • Riot – a universal secure chat app entirely under your control. (Powered by Matrix.org)
  • Briar – Tor/Bluetooth Secure messaging, anywhere. (Android only)

Secure File Storage / Sharing

  • Cryptomator – Free client-side encryption for your cloud files. Open source software: No backdoors, no registration.
  • Keybase – Imagine a Team Dropbox where the server can’t leak your files or be hacked.
  • Syncthing – Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized.
  • VeraCrypt – VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux.

Security Plan (Risk Assessment / Threat Modeling)

Services

  • Internet Artchive – Internet Archive is a non-profit library of millions of free books, movies, software, music, websites, and more.
  • NeverSSL – This website is for when you try to open Facebook, Google, Amazon, etc on a wifi network, and nothing happens. Type “http://neverssl.com” into your browser’s url bar, and you’ll be able to log on.
  • RiseUp – Provides online communication tools for people and groups working on liberatory social change.
  • RiseUp Pad – Real-time group collaboration of text documents. Riseup does not store IP addresses, we require https, and pads are automatically destroyed after 30 days of inactivity.
  • JotForm – Great alternative to Google Forms and features Encrypted Forms!
  • CryptPad – CryptPad is a private-by-design alternative to popular office tools and cloud services. All the content stored on CryptPad is encrypted before being sent, which means nobody can access your data unless you give them the keys (not even us).

Tor

  • Tor Browser Bundle – Tor Browser contains everything you need to safely browse the Internet.
  • OnionShare – Open source tool that lets you securely and anonymously share a file of any size.
  • Tails – Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity.
  • Whonix – Whonix is a desktop operating system designed for advanced security and privacy.

Two-Factor

  • How to: Enable Two-factor Authentication
  • Authy – Google Authenticator with Backups
  • Turn On 2FA – Provides an explanation of 2FA and how it protects online accounts from compromise as well as a directory of step-by-step tutorials on enabling the security feature on 100s of top websites.
  • Two Factor Auth (2FA) – List of websites and whether or not they support 2FA.
  • Krypton – Browser extension that allows you smartphone to become a FIDO U2F key.
  • USB Dongle Authentication – List of websites and whether or not they support One Time Passwords (OTP) or Universal 2nd Factor (U2F).

Updates

If a device or program have become Unsupported / End of Life / Obsolete you should fully upgrade/replace ASAP.

VPN

Web Browsing

  • Firefox – Firefox is made by Mozilla, the non-profit champions of a healthy internet.
  • Firefox Focus – A dedicated privacy browser with tracking protection and content blocking for your smartphone (iOS & Android)
  • DuckDuckGo – The search engine that doesn’t track you.