Hello my good homies. I posted this elsewhere in a security thread, but figured I'd post it here too for awareness. Something I am passionate and somewhat knowledgeable about. Imagine going out into the internet is like walking home alone at night: there are safe routes you know, and you know it's a bad idea to walk down a dark, unfamiliar side street, but you're already out alone in the dark regardless. That doesn't mean it's impossible to explore safely.

Please join me for a crash course in security best practices.

Two-Factor Authentication

First, pick two: Something you know, something you have, something you are. Unless NG starts selling Tankman branded retinal scanners or blood analysis kits, you'll stick with the first two: Something you know (password) and something you have (e-mail account, phone) for 2FA. It's a good idea.

Password Hygiene

I know everyone is terrible at this but STOP using the same password for everything. Servers across the internet get compromised constantly. I've racked up many years of free identity-theft protection as a result of class action lawsuits.

Equally important, I recommend you stop using your browser to store all your passwords. We've encountered problems with this in my job, and it wasn't pretty. There are good password management tools out there. Personally, I like Bitwarden. It's free, open source, and widely regarded as a best-of-class tool.

It can be daunting to create new passwords for the dozens of logins most of us have gotten used to. Passphrases are a little easier to remember and tough for password crackers to beat. So a format like:

xxxx-XXXX-1234-xxxx-XXXX

can be pretty powerful.

new-GROUNDS-1234-tank-MAN is an example.

Everything Else

While I'm on my soapbox, open up a cmd line or powershell and run ipconfig /all. Look for your "default gateway" and copy/paste that IP address into your browser. It probably looks like 10.0.0.1

This will take you to the admin login portal for your router. If you can get in with "admin" and "password", it's time to change it. If you are using "password" or "password1" or "p455w0rd" or anything like that, it could potentially be a problem for you. If you see any password cracking software in action, they automatically run through all these common passwords. You'd be amazed at the terrible passwords attached to critical systems and infrastructure.

More tools for your safety and security (including the aforementioned Bitwarden) can be found here for the interested.