Ensuring Security - Passcode cycle

  • Using Dual platforms (Windows and Linux) Looking for ideas on what type of password/code/phrase update schedule might been needed to ensure security. And how you could ensure that the SSH connection isn't compromised.

    Looking at using Veracrypt with 2FA and multi storage options.

  • Looks at LUKS for the filesystem encryption. Make sure to have Fail2Ban on the SSH connection. Use 4096 bit length RSA keys and not passwords for your SSH users. Changing your password is not a meaningful means of protection, nor is complexity. Length is the most important piece.

  • The requirements are to keep family details protected, but have access to them. These are

    • Account details
    • Passwords for different accesses
    • locations of assets
    • Medical history

  • LUKS will work great for that. We used it in big finance to deal with stuff like government bank account details.