Ten New Year security resolutions

We all do it at this time of the year: We make resolutions to do things better in the New Year. And why not? It’s a great thing to do, starting with fresh goals and a resolve to do better. Here are some ideas for you choose from with a security twist:

• I will change my critical passwords.
• I will finally start using a password manager (such as LastPass or KeePass).
• I will adopt an algorithm for generating strong passwords (at least 12 characters).
• I will use two-factor authentication where it is available (YubiKey and Google Authenticator come to mind).
• I will use encryption for all sensitive personal files on my digital devices, including thumb drives, laptops, smart phones, etc. (Rohos Mini-drive, AxCrypt, TrueCrypt, Wickr).
• I will establish a regular backup routine for all my devices that uses two different media and at least on copy off-site.
• I will encrypt my backup.
• I will become aware of physical security and make sure that my digital devices are always either in my possession or safely stowed.
• I will not blindly click on links in email, nor will I respond in any way to pop-ups or messages I am not sure about without checking them out first.
• I will not open any attachment in any email from anyone unless I am expecting it or absolutely sure of what it contains.

There is new or Earth-shattering here, at least nothing that I haven’t mentioned and advocated for years. Hit the comments and add your own.

Happy 2013!