Privacy Action Plan

Hi From Glenn!

One of the main threats to your online security is weak passwords that are used multiple times on different sites. The 20 most common passwords are…

These passwords are shockingly common actually. But even if you don’t use one of these passwords, odds are you use a password that is less than 10 characters long and you use it on multiple websites. 

If this is true, then you are at a VERY high risk of getting hacked and your data stolen. Remember, websites get hacked. Your email and password have almost certainly been stolen already. 

In January of 2019, Newsweek reported that, “A massive data breach containing almost 773 million email addresses and more than 21 million passwords has been dumped online. Security researcher Troy Hunt discovered the breach after the data appeared briefly on the cloud service MEGA and then remained on what Hunt has called “a popular hacking forum” in a folder labeled Collection #1. The 87GB breach contains 772,904,991 unique email addresses and 21,222,975 unique passwords.”

This breach gathered passwords of people from over 2,000 sites. So, I want you to notice something about this snippet: “The 87GB breach contains 772,904,991 unique email addresses and 21,222,975 unique passwords.” So 772 million email addresses were stolen, but there were only 21 million passwords!!! That means that the VAST MAJORITY of people reuse passwords on multiple sites.

So if I’m a hacker and I see your email is attached to 10 different sites, and you always use the password, “iheartpugs1980”, then I can assume that you use the same password on every site. All I have to do then is to go to any major site and try your username and password to get in and potentially steal from you.

Watch this short video from Edward Snowden.

Passwords are at the heart of online security. 

I urge you to take this seriously.

The rule for passwords is that you need to have a unique, long, complex password for each site you log into. For example, a good password looks like this…

RCKHDcmF56sV#5Rr%HPBt&[email protected]@HTYHyKYowwrJBdyhV

Compare this password to one from the list above, such as “abc123”.

But it’s not enough to have a complex password. Every site that you log into should have a different password.

So, your email password may be…

LWNK8W6yW4Z8R!xka&Qi#$vFURjGXgAD2DaQn6icki67x9Bia

And your password for Netflix may be…

zZQJg!hxWKk95QX3VWUMn56TxSa%o%UnQWCEg5ic*eoQV9mzW

And your password for your Amazon account may be…

[email protected]%d2hy5eZhs!%!n*GpSvmhf#KMbv2Nm3^wGmb8T!tF3u

When you look at these complex passwords, you will notice a few things…

First, there is no way that you can remember each of these passwords. The rule is, if you can remember it, it’s not complex enough.

Second, it would be a total pain in the butt to type these passwords into each site you visit. This is why you have a short, easy to remember password, right?

This is why there is one thing that almost all security experts agree on: you must use a password manager. It is one of the single most important things you have to do for proper password practices. 

This brings us to the next topic we are going to cover, which is a password manager. This will take a number of steps.

© Copyright 2023. Glenn Meder All Rights Reserved. 

Hi from Glenn!

So now I want to move onto one of the most important privacy and security subjects; passwords and a password manager.

This is a very important subject, and it’s an involved subject. What I want to do is start by showing you the webinar I created about passwords and password managers. Then, over the next few emails we will get you up to speed with your password manager.

So today’s task is simply to watch this webinar. 

Watch it. Learn it. Take notes. See if you have questions. And maybe re-watch parts of it to make sure you really understand it. Then I will send you a few follow up emails with specific activities relating to passwords and password managers.

Password Webinar:

I know you will want to get started and download Bitwarden and install it. I think it would be better if you wait for my next email though, because I will give you specific instructions. 

If you don’t want to wait, you can go to https://bitwarden.com/ and download Bitwarden on your computer. Or you can wait for my next step which will cover Bitwarden in detail. 

Enjoy!

Glenn Meder

© Copyright 2023. Glenn Meder All Rights Reserved. 

Hi from Glenn!

Did you watch my webinar about the password manager yet? If not, please go back and complete the previous task. It is very important to watch that webinar.

There is a lot to do in order to install Bitwarden and make it usable, so I’m going to break it down into a few different emails.

Today I want you to:

1. Create a Bitwarden Account and Create a Strong Master Password.
2. Download and Install Bitwarden to your computer.

To Create a Bitwarden Account…

FIRST, click on this link, which takes you here: https://bitwarden.com/

SECOND, click on “Get Started”. 

THIRD, fill out the form. When it asks you to create a master password, it’s important to create a complex password that is easy to remember and that no one will be able to guess. The master password is the password you use to access your vault, so you will type it in multiple times every day, but this will be the only password you will have to remember.

So what you want to do is either come up with a short sentence, or you want to have three or four words combined together. Then you want to take out spaces, and sprinkle in a couple numbers and a symbol or two and make a word all caps. It should be at least 20 characters long. For example…

Walking2BLUEsoundfish*!

volcanoJEANSfeather8bike$

Or you could make it an actual sentence, such as…

IDRINKpurewater4vigor!

If you can’t think of anything, use Bitwarden’s password generator to generate a pass phrase. You can find it here: https://bitwarden.com/password-generator/

Don’t use your dog’s name, or your child’s name or your birthday or anything else that is tied to you. 

TWO WARNINGS!!!!

1. Your browser may want to remember your password. Do NOT let your browser remember your password. In fact, turn off this feature in your browser, because Bitwarden is going to remember your passwords from now on. 

2. I do suggest that you write your master password down somewhere, but then you have to hide it away in a safe or somewhere hidden immediately. Do NOT post a sticky note by your computer with your master password! You have to remember this password.

FOURTH, once you login, download the software and install it on your computer. 

That’s it. That’s all I want you to do today. Next we will set up two factor authentication for Bitwarden, which is a very important step.

© Copyright 2023. Glenn Meder All Rights Reserved.

Hi from Glenn!

So you should have Bitwarden downloaded and installed on your computer, right?

Before we use Bitwarden, we want to make sure it’s totally locked down. In the last task, you should have created a long, complex and totally unique pass phrase as your master password, right?

The next step is two-factor authentication, or 2FA for short, which is what this task is about. 

2FA is an extra layer of security that protects your account if someone were somehow able to get a hold of your password.

When you turn on 2FA in Bitwarden (and any other app) it means that you are requiring two passwords to get into the program, but unlike the first password which is static, the second one changes every time. 

This makes it very, very difficult for someone to get into your account, even if they know your first password, which is what we want.

So the question is, how is this 2FA generated if it changes every time. A 2FA can be generated in different ways. Some websites send you a text message, but this is not the best way to do it. A better way is to download the Authy App to your phone or your computer (phone is better).

To download Authy, go here: https://authy.com/download/ or you can download it in the App store.

Note, Authy is an alternative to the Google Authenticator App, and it’s a much better option (remember that Google = bad). Any website that you use Google Authenticator App, you can alternatively use the Authy App.

Once you install the Authy App, follow these instructions for turning on two factor authentication on your Bitwarden account: https://authy.com/guides/bitwarden/

Remember to write down your recovery code for Bitwarden and keep it hidden in a very secure place (not your desk drawer or on a sticky note).

That’s it. You are set up with 2FA for your Bitwarden account. 

As a final note, you should set up 2FA on every online account you can. 

© Copyright 2023. Glenn Meder All Rights Reserved.

Hi from Glenn!

The next step to getting Bitwarden set up is to install the browser extension. This will make it very easy to use. 

Before I give you the instructions on how to do that though, I want to point something out. Bitwarden also has an app for your phone, but I don’t use it. 

Just to be clear, I’m not worried about the security of the Bitwarden phone app. It’s a very secure app.

I don’t have the Bitwarden app downloaded for two reasons. First, getting online on your phone is not as secure as using a computer. And second, the fewer points of weakness you have, the more secure you will be.

You make your own mind up about whether you want to access sensitive sites on your phone or not. 

So with that rant out of the way, let’s set up your Bitwarden browser extension. 

FIRST, what do I mean by a browser extension?

As we’ve already discussed, browsers are the apps you use to access the internet, such as Chrome, FireFox or Brave. Each of these browsers allow you to install “extensions”, which are mini-apps that you can install within the browser. If you remember, we recommend the Firefox and Brave browsers.

SECOND, it is very easy to install the browser extension. Go here: https://bitwarden.com/download/

Scroll down on the page and click on the download link for the browser you are using. The download link should install the extension automatically. 

THIRD, you will need to log in. 

Here’s a quick explanation video. Please make the video full screen so you can see what is going on.

Downloading and installing the extension for the FireFox app will be very simple. 

© Copyright 2023. Glenn Meder All Rights Reserved.

Hi from Glenn!

Today I’m going to show you how to use Bitwarden. You will find that after you get the hang of Bitwarden, it will not only make your online life more secure, but it is actually more convenient.

Here is a video I created. Please enlarge the video to full size so you can see everything I do.

Does that make sense? If you have any questions, please ask them in the discussion area.

Also, I have one other short video to show you on how to properly set up the settings in Bitwarden.

© Copyright 2023. Glenn Meder All Rights Reserved.