Encrypt all the things!

Posted on
of 106
First Prev
/ 106
  • Root all the things.

  • I tried that. Had to leave Oz...

  • Assuming you need to check tax return shit, which of these services would you choose to use?

    Government Gateway

    You’ll need:

    your National Insurance number or UK address
    a recent payslip or P60 or a valid UK passport

    You can use your user ID for things like your personal or business tax account, Self Assessment, Corporation Tax, PAYE for employers and VAT.

    GOV.UK Verify
    GOV.UK Verify works best if you’re over 20 years old. You’ll need:

    a UK address
    a mobile phone
    at least one valid photo ID from any country

    You can use your identity account for things like Universal Credit, requesting a basic DBS check and Self Assessment.


  • I didn't think you could chose? I thought Verify had superceded gateway.

    IIRC Gateway is internal whilst Verify is run by other companies, so it depends who you trust more with your data (sadly, neither is not an option)

  • I use both !

    Gateway is the older, I feel it's more secure but clearly has an ops burden for them.

    Verify is the newer, I kind of federation where they have 3rd parties do the authentication and Gov UK do the authorisation... it works, but I'm not sure the 3rd parties give a shit about the UX of auth as much as Gateway did.

    Both are secure.

  • I have used my Gateway in the last few days so it is still active.

  • This is essentially what I'm asking.

  • Gateway if in doubt and it's available :)

  • Well they offering both now, hence the question about which to use.

  • @velocio would you be able to do a breakdown of your recommended basic home setup in terms of encryption and security?
    I've been using PIA on your recommendation for the last few years but I know you have maybe changed your view on vpns now.
    I'm sure I'm not alone here in not being up to speed with updates in this area. I feel confident I can work through setting things up with guidance. I was going to trawl back through this thread for pointers but it would be handy to have it in one post.

  • This thread has his setup listed out a few times I believe.

  • It has changed... I no longer use a third party VPS at all, and have changed my DNS set up significantly, and evolved my multi-browser approach too.

    I'll dig out the last one I wrote and see what has changed and do a refresher post.

  • On a related note, what password managers are people using nowadays? I've used Lastpass for years but wonder if there's something else I should be looking at?

  • I've been using PIA on your recommendation for the last few years

    PIA has recently been bought out by Kape, a group known to be a security concern. ...Crossrider (Kape) created “high risk” malware and adware...

    I have recently moved away from them to Express for this reason.

  • On a related note, what password managers are people using nowadays? I've used Lastpass for years but wonder if there's something else I should be looking at?

    Bitwarden has been my choice for the last couple of years.

    I learned LastPass was now down to a single engineer and essentially it was purchased and being run as a cash cow. Fair play to them, but I prefer to know that many engineers are actively working on security related products... and Bitwarden is open source, has a vibrant community of engaged engineers.

    As a tool Bitwarden fits my usage pattern which is similar to LastPass - runs on multiple operating systems, has Android and iOS apps, does have sync between devices, is verifiably secure, is pretty good with the workflow of password gen and adding new sites. It also supported the export from LastPass as an import, so was easy to get started. I imported into Bitwarden, and uninstalled the LastPass extension from browsers but left a copy of everything in LastPass for a while whilst I got comfortable with Bitwarden and it was all fine.

  • I like Mullvad, all manner of cleverness for a VPN, even down to a randomly generated account number and payment off the grid should you so desire. I think the app is great. https://mullvad.net/en/

  • KeyChain because I’m heavily invested in the Mac ecosystem and it works

    TunnelBear for VPN because Bears

  • VPN - Disconnect.me - Mullvad would be next on my list but I like the added tracker blocking of D.me

    Keychain - because iOS/Mac
    Bitwarden - all work passwords when I have to use windows

  • Thank you I'd appreciate that.

  • Mullvad and KeePass for me. KeePass has been ported to android and also iphone I believe.
    Keepass has been really good and is open for auditing.

  • and to others, cheers.

    Bitwarden looks like the first one to test out and I'll have a look at the others if I'm not keen. I've no Apple stuff so keychain isn't really a good option.

    I've been using Nord and mainly PIA for VPN but been meaning to move away from PIA due to the takeover further up and I find Nord's chrome extension sometimes stops working.

    Mullvad doesn't seem to have a chrome extension so that's out, maybe I'll have a look at Tunnelbear. It's a minor thing but what I'd like is a VPN that works with the BBC so it doesn't always redirect me to bbc.com

  • Post a reply
    • Bold
    • Italics
    • Link
    • Image
    • List
    • Quote
    • code
    • Preview

Encrypt all the things!

Posted by Avatar for Velocio @Velocio