- What is the Principle of Least Privilege (PLP)?
- Why You Should Not Run as an Administrator or Root User
Authentication, Encryption, Hashing
- Can You Keep a Secret? (PacketLife.net)
- Authentication vs. Federation vs. Single Sign On (SSO) by Robert Broeckelmann for Medium.com
- Security Assertion Markup Language (SAML, pronounced sam-el) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions)
Multi-factor Authentication / 2-Step Verification
- Google 2-Step Verification
- LastPass Authenticator
- Two Factor Auth (2FA): List of websites and whether or not they support 2FA
HTTPS SSL TLS
- Here’s Why Your Static Website Needs HTTPS by Troy Hunt
- HTTPS Is Easy!
- Let’s Encrypt is a free, automated, and open Certificate Authority brought to you by the non-profit Internet Security Research Group (ISRG).
- What Is HTTPS, and Why Should I Care? by Chris Hoffman
- HTTPS and Privacy by Jacob Baytelman
- SSL Server Test: This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.
Training / Certifications
- Cybrary – Free IT & Security Training
- Cisco CCNA Cyber Ops Certification
- GIAC Cyber Security Certifications
- privacytools.io provides knowledge and tools to protect your privacy against global mass surveillance.
- Panopticlick will analyze how well your browser and add-ons protect you against online tracking techniques.
- IP/DNS Detect – What is your IP, what is your DNS, what information is sent to websites?
- DNS Leak Test – When using an anonymity or privacy service, it is extremely important that all traffic originating from your computer is routed through the anonymity network. If any traffic leaks outside of the secure connection to the network, any adversary monitoring your traffic will be able to log your activity.
- DNS Nameserver Spoofability Test: Can you trust your Domain Name Servers?
- Established to serve as a one stop sites for access to the latest resources on information security as well as measures and best practices for the prevention of cyber crimes.
- The default behavior of uBlock Origin when newly installed is to block ads, trackers and malware sites — through EasyList, EasyPrivacy, Peter Lowe’s ad/tracking/malware servers, various lists of malware sites, and uBlock Origin’s own filter lists.
- Add-on’s: Mozilla Firefox ~ Google Chrome
- Security Now 523: uBlock Origin Features
- As NoScript requires user interaction to train it, you may want to do the following:
- Install uBlock Origin
- Install NoScript
- Go into Add-ons Manager > Extensions
- Disable NoScript, but, choose “No, just stop blocking scripts” when you see the Security Downgrade Warning.