Advanced Plus Security Thales Linux (Debian Cinnamon) 2022

Thread starter Thales
Start date Oct 31, 2022

Last updated: Nov 10, 2022

How it's used?: For home and private use

Operating system: Linux

Other operating system: Debian 5.10.0-19-amd64

On-device encryption

Log-in security

- Basic account password (insecure)

Security updates: Allow security updates and latest features

Network firewall: Enabled

Real-time security: Nope

Firewall security

About custom security: Incoming: Deny
Outgoing: Allow

Periodic malware scanners: Nope

Malware sample testing: I do not participate in malware testing

Browser(s) and extensions: Firefox
No Extensions

Secure DNS: NextDNS

Desktop VPN: Nope

Password manager: KeepassXC

Maintenance tools: Bleachbit

File and Photo backup: Cloud and External Drives

System recovery: System: Timeshift

No need to know the password of my email. I have 4 cloud backups and 2 external drives.

What if I lose my external backups, phone and my system can't be restored?
New system starts. I log in to one of my clouds and download the Keepass Database and Keyfile.
If I can log in then I can restore everything.

What if Keepass database is corrupted?
It has a chance because I use sync software to upload things to cloud.
That's why I upload my important stuff manually to Google Drive.
But I also have the password database in plaintext format inside a Veracrypt container.

So, I consider this as a very secure method

Someone tried to log in to my email and my email provider logs me out.
Almost no chance because my log in email address is different (and not shared) from my regular mail address.

Even if this happens and I lose every physical access to my Password database.
That's why I have 4 cloud access and "Password backup plan" scenario starts.

Not bulletproof but very secure.

I used it in the past and but I realized one program (e.g.: keepass) is better than two (veracrypt and spreadsheet viewer).
Also, phone has problem opening verycrypt containers. Cryptomator (paid on android) could be an option but I'm fine with Keepass.
I think Keepass with Keyfile is secure as Veracrypt.

Main email: random 40-50 char long passwords. No 2FA need because of different login mail.
Ways to prove it's me: Requires 2FA code only if I wanna change account settings

Is it Secure without 2FA?
Yes it is!

Extension?
No need because login details of non-important sites stored in my browser.

Risk factors

- Browsing to popular websites

What I'm looking for?: Looking for medium feedback.

Thales

Level 15

Thread author

Verified

Top Poster

Well-known

Oct 31, 2022

I always wanted to go back to Linux but my work required Windows. Now it is over and I can use my beautiful Linux Distro.

Garuda Linux
I can confirm Garuda Linux is the best Linux I've ever used. It just works. No need to say more