Looking for a massive upgrade on home PC security

Enxity

Estimable
Nov 3, 2015
1
0
4,510
Hello, I am not exactly a high-profiled celebrity but I do occasionally get targeted by cyber crime, and end up losing data/passwords/accounts. Also, with all the "hacking" drama that's occurring over on youtube, I decided to take up the opportunity to improve MY security as most of it it one or two factor and probably uses SMS conformation.

I've heard of apps, software or plugins that manage passwords but have never put faith into them as it just feels... unreliable to me to store all passwords in one place (other than my mind).

I am wondering what is the best thing to do so people cannot rely on my phone for passwords, but also a program (or something similar) that can store/give me passwords that are HARD TO GUESS AND ENCRYPTED, so people can't keylog (yes, i've been stupid enough to get a logger) their way through to my accounts.

Thanks a lot in advance,
-Enxity
 
Solution
I'm using LastPass premium for website logins with two factor tied to my phone, and the Google Authenticator app. Amazon has a 2FA which can tie into Google Authenticator, and Paypal has an option for text messages. Microsoft accounts can be verified with a Microsoft Account app, and Yahoo email and other services can be set to 2FA with text login codes and app passwords.

You can also install EMET (a poetically named product from Microsoft labs, "Enhanced Mitigation Experience Toolkit," currently at ver 5.5). What the name lacks in flair it adds in precision: it does what it says and strengthens the protections built into Windows and enforces them on programs running therein (once configured) like a digital bouncer, meant to...

SchizTech

Distinguished
Jan 16, 2011
377
1
19,210
I'm using LastPass premium for website logins with two factor tied to my phone, and the Google Authenticator app. Amazon has a 2FA which can tie into Google Authenticator, and Paypal has an option for text messages. Microsoft accounts can be verified with a Microsoft Account app, and Yahoo email and other services can be set to 2FA with text login codes and app passwords.

You can also install EMET (a poetically named product from Microsoft labs, "Enhanced Mitigation Experience Toolkit," currently at ver 5.5). What the name lacks in flair it adds in precision: it does what it says and strengthens the protections built into Windows and enforces them on programs running therein (once configured) like a digital bouncer, meant to reduce the chances of malicious code being executed.

Of course, the #1 recommendation by security experts is keep up to date (Windows, flash, browsers, etc).

ETA: password managers like LastPass include a secure random password generator (ironically you might have to weaken the password to conform to the requirements of some websites!)

As to the threat of a password locker being hacked, a strong utility will encrypt the locker. I can't access my passwords without approving a login attempt from my phone.

In the future, biometrics like Windows Hello (built into Win 10) can help make passwords obsolete, though that's not widely adopted yet. Secure passwords are hard to remember (and store "only in your head") especially if you have a lot of them. For the time a strong app is accepted to be the best compromise.
 
Solution