You could use a CIDR filter to restrict access from certain IPv4 blocks. I use AWS and they have numerous safeguards against such concerns.
If your host supports SFTP, you should move to that immediately and configure a public/private key. Store your private certificate file in an encrypted volume, USB drive, or in a secure cloud service like Dropbox. I use 1Password. They have an iPhone app that syncs with the desktop version (sells for $60 but worth much more!) that has saved my ass on numerous occasions. Then, use 1Password's built-in generator to generate a bulletproof password for Dropbox and you should be pretty secure.
If your host doesn't support SFTP, then use 1Password to generate a bulletproof password for your FTP address but don't save it in the client. Avoid any common names or dictionary words, or anything that could be easily brute-forced. Don't store any passwords on your computer in Excel files or anything - 1Password (or another comparable service) can track them for you. I use a 32-character mnemonic master password that is not written down anywhere to lock down my other passwords.
Also, another nice feature of 1Password is that it allows you to log in and copy passwords to the clipboard without ever revealing them. No need to enter in lengthy, tedious passwords each time.
Godspeed.
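One way to combine the CIDR filter and the SFTP key pair suggested above is OpenSSH's `from=` option in `authorized_keys`, which ties a public key to an allowed IPv4 block. This is an added example, not part of the original answer; it assumes the host runs OpenSSH, and the network, key string and function names are constructed placeholders.

```shell
#!/bin/sh
# Added example: build an authorized_keys entry that accepts an SFTP key
# only from one IPv4 CIDR block. Assumes an OpenSSH server on the host.
# The key pair itself would be created on the client with, for example:
#   ssh-keygen -t ed25519 -f ~/.ssh/sftp_host    (set a passphrase when asked)

# valid_cidr4 CIDR: succeeds only for a.b.c.d/n with octets 0-255 and n 0-32.
valid_cidr4() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1##*/}
    case "$len" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    rest="$addr."; n=0
    while [ -n "$rest" ]; do
        o=${rest%%.*}; rest=${rest#*.}
        # Reject empty, non-numeric or over-long octets before comparing.
        case "$o" in ''|*[!0-9]*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
        n=$((n + 1))
    done
    [ "$n" -eq 4 ]
}

# restricted_key_line CIDR PUBKEY: prints the authorized_keys line.
# "restrict" turns off forwarding and PTY allocation; SFTP still works.
restricted_key_line() {
    valid_cidr4 "$1" || { echo "bad CIDR: $1" >&2; return 1; }
    case "$2" in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *) ;;
        # Anything else (for instance a pasted private key) is refused.
        *) echo "not a public key line" >&2; return 1 ;;
    esac
    printf 'from="%s",restrict %s\n' "$1" "$2"
}

# Constructed sample values: a documentation network and a fake key string.
ALLOWED="203.0.113.0/24"
PUBKEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIconstructedPlaceholderKey me@laptop"

# The printed line goes into ~/.ssh/authorized_keys on the server.
restricted_key_line "$ALLOWED" "$PUBKEY"
```

Only the `.pub` half of the key pair is ever passed to this script; the private half stays in the encrypted storage described above.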