Ask HN: How to do a Personal Cybersecurity audit

8•preciousoo•2h ago

I am acutely aware that if I were targeted by a non sophisticated actor (like a very motivated hacker, or a phone/laptop thief with programming knowledge), I would be toast if they figured out, e.g my windows password, as that is the key to my Chrome keychain, for e.g, which allows them into a pandora's box of accounts.

Even more likely, if I were to get a laptop stolen while unlocked, they could get access to my primary email(s), which could lead them to getting access to accounts via password reset. There were a lot of similar other failure points I used to keep enumerated mentally, but now there's too many to count. The biggest ones are email access however.

Is there a process or method I can use to enumerate/track and fix those kids of failure points in my personal cybersecurity?

Comments

ifh-hn•1h ago

Don't use chrome to store your passwords. Use a password manager that's not tied to a cloud company that you can use multifactor Auth with, one of which is off device.

Don't leave yourself signed into your accounts. As soon as you're done sign out.

Keep everything portable and not centralised.

Convenience doesn't make for good cyber security.

You can't protect yourself from everything but you can make it more difficult.

montague27•1h ago

I would be more careful towards social engineering than some random typical hackers. The former seems more prevalent and successful in my POV.

1970-01-01•38m ago

Start at the fundamentals, dammit!

Do you have off-site backups of all your critical data on a regular schedule?

Do you have physical 2FA on all your accounts?

Are you actively patching/updating all your devices on a schedule, and actively discarding the devices that are too old to patch?

Only after these are done should you start looking at complex phishing and social engineering scenarios. You can successfully mitigate everything you are worried about by nailing these fundamentals.

null_deref•8m ago

Do you have suggestions on how to do off site backups? For example for images and documents

The AI boom is not a bubble

What to Do When the Trisector Comes (1983) [pdf]

Why Modern Art

One-Third of US Families Earn over $150k

HMLR: Open-source memory layer passing Hydra9. LangGraph drop in availble

Why the Internet Is Bad for Democracy (2005)

Behind the Scenes of OSS Vulnerability Response

TP-Link only works with a permanent internet connection

Quick update on Titan and feedback response

I vibe coded a vector wiki covering all things vectors

n8n-Oidc

Claude's Incidental Obsession with Dancing

OpenCode Zen

Deep sequence models tend to memorize geometrically; it is unclear why

Show HN: I built an AI VC to roast my ideas using Gemini, Claude, and Streamlit

CRISPR platform can reduce stem cell differentiation from months to weeks

So, I Tried an AI Shopping Cart

Pyimagecuda-studio: Design image pipelines visually. Automate with Python

I built an interactive simulator to explore AI futures (2025-2030)

Show HN: Agtrace – top and tail -f for AI coding agent sessions

Show HN: Word Game's New Home

Yellow tinted presentations look ugly

ParadeDB Makes Faceted Search 14× Faster Inside PostgreSQL

Show HN: Interactive plan annotation and sharing for Claude Code

Poor Man's Productivity Trick

Why women on LinkedIn are masquerading as men

The Mythical Non-Roboticist (2024)

Hacker News, but it’s a static site

Wuchale (internationalization from plain code) now supports Astro

Potato: A small, data-oriented pansharpener