Can somebody please advise me on what security measures exist today?

Okay so, I was getting sick of my internet accounts getting hacked for the umpteenth time in a row. Since 1991 or so (Or whenever the internet came out I was a child when it did so I don't 100% remember the year) my internet accounts have probably been hacked well over several hundred times. About a year ago my Spotify account was hacked and I got my account back the same day, but the sneaky little piece of crap made me pay for a family plan and got free spotify premium for over a year before my wife went through our credit card statment and wondered why Spotify was charging us $15 instead of $10. So I went onto my Spotify account and sure enough I was paying for a family plan and he had several accounts linked to the family plan and not just one. He probably sold the extra accounts and other people got free Spotify for a year +. Yes, I'm stupid and I don't really pay attention to whats being charged on my credit cards I just pay the balance because usually there's always $300+ worth of charges a month on my credit cards so I don't notice the extra charge going through. Giving a hacker over $400 worth of free service convinced me that it was time to increase my security on the internet.

Before you ask, no my computer isn't infected with malware anymore so the hackers didn't steal the passwords from my computers . I stopped being infected with malware after I got a lifetime subscription to zemana anti malware for my wife and I. Since then we've been mostly malware free.

So after the spotify incident I said screw it I'm sick of hackers getting into my accounts and potentially getting free money out of me so I purchased a yearly subscription to Dashlane and made 30+ Character passwords as each site would allow for my accounts. Since then, I haven't been hacked once on ANY of my 50+ online accounts (I have accounts for pretty much everything). It was a massive improvement from before because other times I was hacked probably every 3-4 months or so on average from anything to my Paypal account to my facebook to... anything really. It was ridiculous.

I'm considering switching to your service because you're cheaper than and seemingly have better customer support on top of that. I was wondering, why should I go with your service over Dashlane besides the lower cost? What benefits do you have over the other company? I skimmed your purchase page and you seemingly pretty much have just as much as I'm currently paying $9.99 a month for from dashlane (Their pro option I believe).

I was considering getting a 2nd or maybe multi layer form of authentication since passwords are starting to die the way of the dodo and I've heard there are much better forms of security out there now. I've heard of fingerprint scanners that exist for desktops and the yubikey 5. It's very desirable to me. But I have several questions about this layer of security if maybe you can answer them, otherwise I might just ask Yubikey themselves (their support is a little annoying to go through so I'd rather ask people who know about internet security) 1. Do you need more than one key to secure multiple computers/devices? I got my wife interested in security too. She doesn't use a password manager and refuses to but I've convinced her to remember 20+ character passwords to help secure her online accounts because she has a lot of them too. So do I have to buy my wife a yubikey as well or do they work across multiple devices?

My other question is do most online websites support YubiKey now or do only a few of them? Also the main question, Would YubiKey be right for me or should I get a fingerprint scanner or something of the ilk? What would be the most secure method of securing my wife and I's privacy online and prevent hackers from stealing our money and information? I'm pretty new to what's available today in terms of security so any advice would help. I would also like to secure our computers themselves. We use Windows 10 Pro. I see there's multiple forms of authentication that secure Windows, again which would be best for me? Thanks in advance!


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • DanielP
    DanielP
    1Password Alumni
    edited December 2020

    @Neostarwcc:

    Since then, I haven't been hacked once on ANY of my 50+ online accounts (I have accounts for pretty much everything). It was a massive improvement from before because other times I was hacked probably every 3-4 months or so on average from anything to my Paypal account to my facebook to... anything really. It was ridiculous.

    It's great that you did that, really. Using strong passwords for all your online services and making sure you do not reuse them are your best defense against the sort of events you have unfortunately experienced in the past :+1: So kudos to you for the important step.

    I'm considering switching to your service because you're cheaper than and seemingly have better customer support on top of that. I was wondering, why should I go with your service over Dashlane besides the lower cost? What benefits do you have over the other company? I skimmed your purchase page and you seemingly pretty much have just as much as I'm currently paying $9.99 a month for from dashlane (Their pro option I believe).

    I am not familiar with Dashlane so I don't think I am the right person to answer this part. I also think that these things can be very subjective, so I could only recommend you give 1Password a try and see for yourself. You can see an overview of the 1Password features here. We offer a 14-day free trial so you should have enough time to test 1Password and its features, and see how our support is (and yes, I can confirm that our support team is great ;) ).

    I was considering getting a 2nd or maybe multi layer form of authentication since passwords are starting to die the way of the dodo and I've heard there are much better forms of security out there now.

    I have been hearing this for years, to be honest. The truth is that passwords are still here, and they are still a major part of your account security. Because of this, we have to just accept that things are the way they are, and make sure we take care of our passwords properly. For the future, who knows where we will go, but we will cross that bridge when we get there.

    I've heard of fingerprint scanners that exist for desktops and the yubikey 5. It's very desirable to me. But I have several questions about this layer of security if maybe you can answer them, otherwise I might just ask Yubikey themselves (their support is a little annoying to go through so I'd rather ask people who know about internet security)

    Several laptops (both Mac and Windows) already come with built-in fingerprint scanners nowadays, so it might not be necessary for you to get an external one. If you are exclusively using desktop computers, however, that's a different matter (although I have personally never used external fingerprint readers that I can remember).

    1. Do you need more than one key to secure multiple computers/devices?

    Not necessarily. You could use the same key on multiple computers. What the key protects are secrets connected to your accounts, regardless of whether you access them from. So if you added your Yubikey to your Account X on Computer 1, you will be able to use the same Yubikey to login to Account X on Computer 2.

    I got my wife interested in security too. She doesn't use a password manager and refuses to but I've convinced her to remember 20+ character passwords to help secure her online accounts because she has a lot of them too. So do I have to buy my wife a yubikey as well or do they work across multiple devices?

    I would suggest a separate key for each person, it would be so much easier to manage.

    My other question is do most online websites support YubiKey now or do only a few of them?

    In my experience, "most" would not be the right word. Certainly several of them do, but they are also certainly a minority.

    Also the main question, Would YubiKey be right for me or should I get a fingerprint scanner or something of the ilk? What would be the most secure method of securing my wife and I's privacy online and prevent hackers from stealing our money and information?

    In my opinion, I don't think you should focus on Yubikeys just yet. If you would like to get one and play with it, it won't be a bad idea for sure, but I would not make it your focus yet. I think the first and major step should be to use a password manager, and to make sure that you use it consistently in the family, both for you and your wife. A fingerprint scanner would not do much in your situation at the moment, and Yubikeys are nice additions, but as I said above, you won't be able to use them anywhere. Passwords now on the other hand, you will most certainly use them everywhere ;)

    I would also like to secure our computers themselves. We use Windows 10 Pro.

    As with most things in life, doing 20% of the things will give you 80% of the results:

    1. Keep your system up-to-date with Windows Update
    2. Use an antimalware solution (Windows Defender is much better now than it was in the past, so it's not absolutely necessary to get a paid one)
    3. Don't leave you computer unlocked and unattended
    4. Don't reuse passwords
    5. Use strong passwords
    6. Use common sense (no clicking on weird links, no downloading of unexpected attachments etc. etc.)

    I see there's multiple forms of authentication that secure Windows, again which would be best for me?

    I can't say which one would be the best for you, but I can say that if your computer supports Windows Hello, it would be a very convenient way to login. 1Password supports that too ;)

    Let us know if you have additional security questions. Even if they are not directly about 1Password, we are absolutely happy to answer them for you.

    ===
    Daniel
    1Password Security Team

  • Neostarwcc
    Neostarwcc
    Community Member

    Do you have a free trial I can use so I can check out the features for myself? If you dont have a free trial maybe I'll talk to my wife about ine month of your family plan and if I like your software just as much maybe I can ask Dashlanes support for a partial refund. Worth a try. If not I cant use your software until Feburary because Dashlane only accepts annual plans. You guys accept monthly subscrptions, yes? Dashlane has essentially the same features as your $4.99 plan (unlimited passwords, sync across all your devices, customer support (although not very good and I have to admit you guys are better), a password generator to make making secure large passwords easier, 2FA with yubikey or fingerprints ..etc. it's one of the top password managers like you guys.

    I forgot that we also live in the laptop age. I'm a nerd who has worked on and built desktop computers since I was around seven years old. Back in the good old 486 and Windows 3.1 days. So I dont use a laptop I find the parts far too small and delicate. I dont think anyone misses those days but I do miss DOS. I havent used it in so long I forget how it works sometimes when we have to use command prompt which is slightly similar.

    Yes! Passwords have existed since the beginning. I was a stupid child who made passwords like "password" back in the 90s. But that's not why I kept getting hacked in later life. I usually made 6 character passwords with caps and numbers and usually repeated my passwords. A bad practice I know but i was like my parents we wanted to make passwords we would remember. You're recommending a password manager to me but shouldn't I have 2FA on all of my accounts if I'm getting hacked on average so much? I do have cellphone/tablet 2FA on many of my accounts but and needing my wife and i's fingerprints/password to get into them. But I didnt know quite how secure that was. Apparently the yubikey or another form of 2FA is much more secure. I'm just going by what I'm reading and hearing on the internet. I'd much rather ask a security expert who keeps computers secure for a living.

    Anyway, can you explain to me what windows hello is? Is that where you setup windows to have a password? Yes we have our desktops secured with a secure password that only we know but we wanted something more secure. We get a lot of visitors and I personally dont trust them. Especially when she went to see her family in Ohio for her cousins wedding. One of her other cousins went into her purse and wrote down our credit card information and used it. Wells fargo wiped the charge out and gave me a new card but it's the idea. If you cant trust family who can you trust? You know?

  • ag_ana
    ag_ana
    1Password Alumni

    @Neostarwcc:

    Do you have a free trial I can use so I can check out the features for myself?

    Yes, you can sign up for one here :)

    You guys accept monthly subscrptions, yes?

    Yes, you can choose between a monthly and an annual subscription.

    You're recommending a password manager to me but shouldn't I have 2FA on all of my accounts if I'm getting hacked on average so much?

    2FA is a very useful security feature, but you do not need a Yubikey for that. On most websites, you can activate 2FA using an authenticator app, or you can even use 1Password for 2FA too if you prefer.

    Anyway, can you explain to me what windows hello is?

    Here is the official documentation page from Microsoft on Windows Hello. It allows you to login to your Windows computer with your fingerprint or with face recognition, instead than with a password.

This discussion has been closed.