LesPerras.com

Securing Things

A Few Weeks Ago

A few weeks ago I got a message saying that some of the sites I had password saved in had been hacked by somebody and my passwords might have been leaked. Because of that I decided I'd better do something more serious about my passwords.

Change the Passwords

First I have to change them. Since I'm changing them I may as well do the real good thing which is to make a different password for every site. That means that I have to use a password manager cuz I can't remember all those passwords. When I looked in the browsers to see how many passwords I had saved, there was more than 400, and I can't remember 400 passwords.

Password Manager

I decided to look for a password manager that was run in Linux. I came across key pass and that was pretty good but it didn't actually integrate very well on my Android or some of the browsers. I almost gave up. I was going to do the password keeping manually by myself.

Mutt

Then when I was looking at using mutt as a console or terminal based email program it said use pass. Pass is a password manager specifically for Linux. It's super simple and it's rock solid reliable because it uses gpg which is like super hard encryption passwords. So now I'm going to get things set up using pass. This whole thing got me thinking about security.

Minecraft

Then last night I discovered that somebody got into our Microsoft world, I mean not Microsoft but Minecraft. I didn't have any security measures on it so they didn't hack their way in; they just went in... the world it was open. But they weren't invited and they're strangers (and they trashed the place and left nasty messages... ) and I decided I'd better make Minecraft a bit tighter.

Security Measures

So I changed the IP address and the port... no I didn't change the IP address, I changed the port I put the guys who came in on a bond list and I set up whitelisting on the Minecraft server. Now it's locked down tight and I feel really good about that.

Security on my Websites

Another security measure I'm taking is to move all my sites over to AWS. I want to use amplify and their Dynamo DB. If I use cognito then I don't have to do the authorization. AWS does all the authorization for me and that's a higher standard than I can do. So that's another measure of security that I'm looking at these days. In addition to higher security AWS is a pay as you go system and with my extremely low traffic volume I could probably get away with each site costing $0.50 a month. That's a huge savings.