Official template

Cybersecurity personal 2026

by @Admin
Security & Emergency Preparedness

How do I protect my online accounts, passwords, and personal data from hackers?

Project plan

14 tasks
1.

Why: Knowing which of your accounts are already compromised allows you to prioritize which passwords to change first.

How:

  • Visit 'Have I Been Pwned' and enter your primary email addresses.
  • Review the list of data breaches and identify sensitive accounts (banking, email, government).
  • Note down any accounts that still use the same password as the breached one.

Done when: You have a list of all breached accounts that require immediate password changes.

2.

Why: Human-readable passwords are easily cracked by 2026-era AI; a manager allows for 20+ character unique strings for every site.

How:

  • Download an open-source manager like Bitwarden or a privacy-focused one like Proton Pass.
  • Install the browser extension and mobile app for seamless syncing.
  • Set up a 'Master Password' using the Diceware method (5-6 random words) that you have never used elsewhere.

Done when: The password manager is installed and you can log in with your new master password.

3.

Why: Your email is the 'Master Key'—if a hacker gets in, they can reset passwords for every other account you own.

How:

  • Go to your email provider's security settings (e.g., Gmail, Outlook, or ProtonMail).
  • Enable Multi-Factor Authentication (MFA) using a 'Time-based One-Time Password' (TOTP) app like Aegis or Ente Auth.
  • Avoid SMS-based MFA if possible to prevent SIM-swapping attacks.

Done when: You are prompted for a code from your authenticator app when logging into your email.

4.

Why: Passkeys are phishing-resistant cryptographic keys that replace passwords entirely, making traditional credential theft impossible.

How:

  • Identify accounts that support Passkeys (Google, Microsoft, Apple, Amazon, etc.).
  • In account settings, select 'Create a Passkey'.
  • Save the passkey into your password manager or your device's secure enclave (FaceID/Fingerprint).

Done when: You can log into at least three major accounts without typing a password.

5.

Why: If you lose your phone or your password manager access, these codes are the only way to avoid permanent lockout.

How:

  • For every account where you enabled MFA, locate the 'Recovery Codes' or 'Backup Codes'.
  • Print them out on physical paper.
  • Store them in a fireproof safe or a secure physical location (not on your computer).

Done when: You have a physical backup of recovery codes for your most critical accounts.

6.

Why: Zero-day vulnerabilities are patched constantly; running outdated software is the easiest entry point for hackers.

How:

  • Run 'Software Update' on all laptops, smartphones, and tablets.
  • Log into your home router's admin panel and check for firmware updates.
  • Enable 'Automatic Updates' for all devices to ensure future patches are applied immediately.

Done when: All devices show 'Your software is up to date'.

7.

Why: The router is the gateway to your home; default settings are often insecure and easily bypassed.

How:

  • Change the default admin password to a unique 16+ character string.
  • Disable UPnP (Universal Plug and Play) and WPS (Wi-Fi Protected Setup).
  • Create a separate 'Guest Network' for IoT devices (smart bulbs, cameras) to isolate them from your main computers.

Done when: Your router has a custom admin password and a dedicated IoT guest network.

8.

Why: Standard DNS requests are unencrypted, allowing your ISP or hackers on the network to see every website you visit.

How:

  • Use a privacy-focused DNS provider like Quad9 (9.9.9.9) or NextDNS.
  • Configure 'DNS over HTTPS' (DoH) in your browser settings or at the system level.
  • This blocks known malicious domains and prevents 'man-in-the-middle' redirection.

Done when: A DNS leak test (e.g., dnsleaktest.com) confirms you are using your chosen secure provider.

9.

Why: Browsers are the primary window for tracking scripts and 'malvertising' attacks.

How:

  • Switch to a privacy-first browser like Firefox or Brave.
  • Install the 'uBlock Origin' extension to block malicious scripts and ads.
  • Set the browser to 'Delete cookies and site data when closed' for non-essential sites.

Done when: You are browsing with uBlock Origin active and tracking protection set to 'Strict'.

10.

Why: Ransomware or hardware failure can destroy years of data; redundancy is the only cure.

How:

  • 3 Copies: Keep your original data + 2 backups.
  • 2 Media: Use an external hard drive (local) and a cloud service (remote).
  • 1 Offsite: Ensure the cloud backup is encrypted and separate from your home location.

Done when: Your critical files exist in three separate locations.

11.

Why: If your device is stolen, local encryption prevents the thief from reading your tax returns, IDs, or private documents.

How:

  • Use 'Cryptomator' (open-source) to create encrypted vaults for sensitive folders.
  • Alternatively, ensure Full Disk Encryption (BitLocker on Windows, FileVault on macOS) is active.
  • Never store unencrypted scans of your ID or passport on your desktop.

Done when: Your most sensitive documents are stored inside an encrypted vault.

12.

Why: Data brokers sell your address, phone number, and family details, which hackers use for highly targeted 'spear-phishing'.

How:

  • Use a service like 'YourDigitalRights.org' to find opt-out links for major brokers.
  • Manually request removal from sites like Whitepages, Spokeo, and MyLife.
  • This reduces the amount of 'OSINT' (Open Source Intelligence) available to attackers.

Done when: You have submitted opt-out requests to at least the top 5 data brokers.

13.

Why: In 2026, AI voice cloning and deepfakes make 'urgent' requests from friends or bosses highly convincing.

How:

  • Create a 'Safe Word' with family members for emergency money requests.
  • If you receive an urgent call/message, hang up and call the person back on a known trusted number.
  • Never click links in 'urgent' security alerts; navigate to the official website manually.

Done when: You have discussed a family safe-word and committed to the 'Call Back' rule.

14.

Why: Security is a process, not a product; settings drift and new vulnerabilities emerge over time.

How:

  • Set a recurring calendar invite for every 3 months.
  • During the audit: Check for OS updates, review app permissions on your phone, and delete unused accounts.
  • Test your backup restoration to ensure the data is actually readable.

Done when: A recurring 'Security Audit' is visible in your digital calendar.
