In this episode of the Privacy Bootcamp podcast, we dive into securing your social media accounts, focusing on Facebook and X.com (formerly Twitter). Tim Jensen, host of "Intentionally Inconvenient," walks us through essential settings and strategies to enhance your privacy and protect personal information. From managing your Facebook profile visibility to understanding session tokens on X.com, this episode is packed with actionable insights to keep your digital presence secure.

Standout Quotes:

•              “Your public profile is the tip of the iceberg. Hide the rest to stay secure.” – Tim

•              “Aliases for emails and phone numbers are a little privacy measure that goes a long way.” – Tim

•              “Session tokens can bypass logins; logging out regularly stops this vulnerability.” – Tim

•              “Limit what you share. Every detail is a piece of the puzzle for data collectors.” – Tim

Key Takeaways:

1.         Facebook Privacy Settings:

◦         Use Privacy Checkup tools to manage who can see your posts, stories, and personal details.

◦         Limit the visibility of your friends list to prevent impersonation scams.

◦         Lock down past posts by adjusting the audience to "Friends Only."

◦         Use aliases for phone numbers and emails to keep your contact details private.

2.         X.com Security Practices:

◦         Regularly log out of all sessions to invalidate session tokens and secure your account.

◦         Turn off discoverability by phone number and email to reduce unsolicited contacts.

◦         Use hardware keys like YubiKey for 2FA instead of SMS-based authentication.

◦         Disable location tracking and minimize personalized ads to reduce data collection.

3.         General Privacy Strategies:

◦         Avoid using social media accounts to log into third-party apps.

◦         Consider using services like DeleteMe to remove personal data from broker sites.

◦         Regularly review and update privacy settings to ensure they align with your preferences.

Episode Timeline:

•              [00:00] Introduction to Facebook Privacy

•              [02:15] Using Privacy Checkup Tools

•              [05:30] Managing Public Profile Visibility and Locking Down Posts

•              [10:00] Introduction to X.com Privacy Practices

•              [15:20] Managing Session Tokens and Turning Off Discoverability

•              [20:10] Using Hardware Keys for Enhanced Security

•              [25:00] Final Thoughts on Privacy

●     goclik.me/deleteme - A service recommended by Tim Jensen to remove personal information from the internet. They offer a 25% discount.

Host: Tim Jensen Email: [email protected]: Intentionally Inconvenient Podcast

In this episode of the Privacy Bootcamp podcast, we welcome Tim Jensen, the host of "Intentionally Inconvenient," where he explores personal freedom through privacy. Today, Tim delves into two-factor authentication (2FA) and multi-factor authentication (MFA), focusing on authenticator apps and other methods to secure your online accounts. Learn about the tools and strategies that can protect you from hackers and enhance your digital security.

●     “In today’s online world, you absolutely must implement 2FA and MFA to move you from the low-hanging fruit to the top-of-the-tree hanging fruit.” – Tim

●     “Convenience is the enemy of privacy.” – Tim

●     “Always log out when you're done with your session. It’s the most inconvenient thing, but it’s also the most secure.” – Tim

●     “Your authenticator app does not need to be connected to the internet to generate codes.” – Tim

●     Importance of 2FA and MFA: These tools add an extra layer of security to your online accounts, making it harder for hackers to gain access.

●     Types of Algorithms: Various algorithms like time-based one-time passwords (TOTP) and HMAC-based one-time passwords ensure the secure generation and verification of authentication codes.

●     Authenticator Apps: Recommended apps include YubiKey and GSA Authenticator, which allow you to generate secure 2FA codes and transfer data between devices.

●     Risks of Session Tokens: Always log out after your session to prevent unauthorized access through stolen session tokens.

●     Avoid Storing All Credentials Together: Keep your 2FA codes separate from your password manager for enhanced security.

●     Offline Functionality: Authenticator apps can generate codes even when offline, making them a reliable option.

●     Consider Hardware Keys: Tools like YubiKey are nearly foolproof because they require physical possession to access accounts.

●     Biometric Concerns: Biometrics are convenient but can be compromised if accessed by unauthorized entities, including government officials.

●     [00:00] Introduction to 2FA and MFA

●     [02:15] Types of 2FA: Text, Email, Phone Calls, and Authenticator Apps

●     [05:40] How Algorithms Generate 2FA Codes

●     [10:30] Recommended Authenticator Apps and Tools

●     [15:20] The Importance of Logging Out After Sessions

●     [18:45] Risks of Storing Credentials Together

●     [21:10] Hardware Keys vs. Authenticator Apps

●     [25:00] Final Thoughts on Privacy and Security

●     Free Code Camp (https://www.freecodecamp.org/) - Mentioned as a source for more detailed information on authentication algorithms.

●     goclik.me/deleteme - A service recommended by Tim Jensen to remove personal information from the internet. They offer a 25% discount.

●     My Life (https://www.mylife.com/) - A people search site that can potentially find personal information about an individual.

●     Spokeo (https://www.spokeo.com/),

●     Whitepages (https://www.whitepages.com/)

●     BeenVerified (https://www.beenverified.com/)

●     LexisNexis (https://www.lexisnexis.com/) - Other people search sites that can potentially expose personal information.

Host: Tim Jensen Email: [email protected] Website: Intentionally Inconvenient Podcast

In this episode, Tim Jensen explores the importance of two-factor authentication (2FA) and multi-factor authentication (MFA) using hardware keys to enhance online security. He explains the concepts behind these authentication methods, their role in establishing identity trust, and how they form part of a robust privacy framework. Tim also highlights the advantages of using hardware keys like YubiKey and OnlyKey over other forms of authentication.

●     “Two-factor authentication establishes trust with someone who does not know who you are by using something from a trusted authority as proof of your identity.” – Tim Jensen

●     “Convenience is the enemy of privacy.” – Tim Jensen

●     “Hardware keys need to be physically with you, so that’s the best kind because they can’t be stolen through hacking.” – Tim Jensen

●     “Always buy two hardware keys. Never buy just one.” – Tim Jensen

1.    What is Two-Factor Authentication?

○     A method requiring two distinct forms of identification to access an account.

○     Common types include: something you know (password), something you have (hardware key), and something you are (biometric data).

2.    Why Use Hardware Keys for Authentication?

○     They provide an extra layer of physical security.

○     Cannot be duplicated or stolen digitally.

○     Best for protecting critical accounts like financial or medical records.

3.    Tim’s Hardware Key Recommendations:

○     YubiKey: Supports USB-C, NFC, and stores authentication codes.

○     OnlyKey: Combines password management with authentication, supporting up to 24 passwords.

4.    Best Practices for Hardware Keys:

○     Register your keys during account setup.

○     Keep backup keys in a secure, separate location (e.g., a safe or safety deposit box).

○     Separate storage for passwords and two-factor authentication codes.

5.    Layering Your Security:

○     Combine hardware keys with other methods like VPNs and unique email aliases.

○     Use hardware keys alongside password managers for the most secure setup.

●     [00:00] Introduction: Recap of email aliasing and the importance of layered security.

●     [03:00] Explanation of two-factor and multi-factor authentication.

●     [10:15] Why hardware keys are the most secure method.

●     [18:45] Demonstration of YubiKey and OnlyKey features.

●     [24:00] Practical steps to secure your accounts with hardware keys.

●     [29:45] Closing thoughts: "Stay safe and stay private."

•  http://goclik.me/deleteme -  A service recommended by Tim Jensen to remove personal information from the internet. They offer a 25% discount.

•  yubikey.com - Website for purchasing YubiKey hardware security keys

•  onlykey.io - Website for purchasing Onlykey password manager devices

Host: Tim Jensen Email: [email protected] Website: Intentionally Inconvenient Podcast

In this episode, Tim Jensen dives into the importance of email aliasing as a foundational step in maintaining privacy and protecting your digital identity. He shares practical strategies to safeguard your accounts, minimize exposure to hackers, and build a layered security system. Tim emphasizes creating habits of privacy and introduces tools like Proton Pass, SimpleLogin, and YubiKey to simplify the process.

●     “Using the same email address and the same password for everything is a horrible strategy.” – Tim Jensen

●     “Using an email alias adds another layer of security.” – Tim Jensen

●     “This little bit of inconvenience is a lot better than having your accounts stolen or your entire identity stolen.” – Tim Jensen

●     “Create habits of privacy.” – Tim Jensen

1. What is an Email Alias?

○     Email aliasing is essentially email forwarding that hides your real email address from senders.

○     You assign unique email aliases for each account or purpose, which forwards messages to your actual email address.

1. Why Use Email Aliases?

○     Protects your primary email from data breaches and spammers.

○     Allows you to track where your email address might have been compromised.

○     Helps compartmentalize your digital identity.

1. Tim’s Recommendations for Privacy Layers:

○     Use unique email aliases stored in a password manager.

○     Create 20+ character unique passwords for each account.

○     Utilize hardware keys like YubiKey for significant accounts.

○     Employ two-factor authentication through apps or hardware keys.

1. Managing Your Privacy Habit:

○     Start small, mastering one privacy step at a time.

○     Layer your security for critical accounts like financial or medical accounts.

○     Gradually incorporate habits like using VPNs, encrypted communication tools, and credit freezes.

1. Tools Highlighted:

○     Proton Pass: Combines password management with email aliasing.

○     YubiKey: Hardware key for two-factor authentication.

○     SimpleLogin: Service integrated with Proton Pass for alias management.

●     [00:00] Introduction: The importance of email aliases.

●     [03:15] What is email aliasing, and why it’s essential for privacy.

●     [07:50] Layering your security: Tim’s recommended strategy.

●     [13:00] Stories of compromised accounts and how email aliasing prevents them.

●     [18:30] Practical steps to start with Proton Pass and SimpleLogin.

●     [24:45] Tim’s privacy bootcamp habit-building strategy.

●     [29:10] Closing thoughts: “Don’t be the low-hanging fruit for hackers.”

●     goclick.me/protonpass: A password manager with built-in email aliasing.

●     SimpleLogin: A service for creating and managing email aliases.

●     YubiKey: A hardware key for two-factor authentication.

Host: Tim Jensen Email: [email protected] Website: Intentionally Inconvenient Podcast

Tim dives into the privacy implications of search engines, discussing alternatives like Startpage, DuckDuckGo, and Freespoke. He explains how search data can be used to build detailed profiles and why it’s essential to choose search engines that prioritize user privacy.

Standout Quotes:

●     "Your search engine knows more about you than your closest friends."

●     "If you like Google’s results but want privacy, Startpage is your best bet."

●     "Support search engines that build from scratch—don’t rely on Google’s API."

Key Takeaways:

1. Understand the Risks: Mainstream search engines track searches, clicks, and even mouse movements.
2. Switch to Alternatives: Use Startpage for Google-like results without the tracking or Freespoke for a transparent experience.
3. Pay for Privacy: Services like Kagi offer ad-free, unbiased results for a subscription fee.
4. Be Mindful of API Use: Many search engines rely on Google or Bing’s back-end, which may compromise privacy.

Episode Timeline:

●     [00:01] Introduction to search engines

●     [03:30] How search engines track and profile users

●     [06:25] Privacy-focused options: Startpage, DuckDuckGo, and Freespoke

●     [12:03] Supporting ad-free engines like Kagi

●     [13:28] Final thoughts

Sponsor - Proton Pass https://www.goclik.me/protonpass

Contact and Additional Information Host: Tim Jensen Email: [email protected] Website: Intentionally Inconvenient Podcast

In this episode, Tim Jensen discusses web browsers and how they impact your privacy. He explains how browsers like Brave, Firefox, and Tor can protect against tracking and surveillance. Tim also highlights the dangers of using mainstream browsers like Google Chrome and Microsoft Edge, emphasizing the need for privacy-focused alternatives.

Standout Quotes:

●     "Brave gives you privacy right out of the box—no need to harden it like Firefox."

●     "Every keystroke, every click, every mouse movement is tracked by mainstream browsers."

●     "Switching browsers is a simple yet effective step toward better privacy."

Key Takeaways:

1. Switch to Privacy-First Browsers: Options like Brave and Tor minimize tracking and protect your identity.
2. Harden Firefox for Better Privacy: If you prefer Firefox, follow hardening guides like those from Michael Basil.
3. Avoid Data-Hungry Browsers: Stay away from Google Chrome and Microsoft Edge to reduce surveillance.
4. Use a Password Manager: Tools like ProtonPass integrate seamlessly with privacy-focused browsers.

Episode Timeline:

●     [00:01] Introduction to browser privacy

●     [03:20] Recommended browsers: Brave, Tor, and hardened Firefox

●     [05:44] Why avoid Chrome and Edge

●     [08:23] How password managers complement privacy browsers

●     [10:18] Wrap-up

Sponsor - Proton Pass https://www.goclik.me/protonpass

Welcome to the Intentionally Inconvenient Podcast! In this episode, host Tim Jensen explores the world of messengers, dissecting the pros and cons of popular platforms like WhatsApp, Facebook Messenger, iMessage, and others. Tim delves into the importance of end-to-end encryption, decentralization, and other privacy features while explaining why he prefers Signal Messenger over alternatives. He also highlights the critical concept of disappearing messages and why they are a game-changer for protecting privacy.

Standout Quotes:

●     "End-to-end encryption means that even in transit, no one can read your messages—only the recipient."

●     "Disappearing messages are like Mission Impossible: they self-destruct, leaving no digital footprint."

●     "A messenger shouldn’t be a museum of your conversations; your privacy matters more."

Key Takeaways:

1. Choose Privacy-Centric Platforms: Platforms like Signal and Briar offer robust privacy features like encryption and decentralization.
2. Disappearing Messages: Enable disappearing messages to reduce the risk of long-term exposure of your private conversations.
3. Avoid Third-Party Surveillance: Use platforms that don’t collect or sell your data, such as Signal.
4. Cross-Platform Flexibility: Use messengers like Signal that work across operating systems, from iOS to Android to Linux.

Episode Timeline:

●     [00:01] Introduction to messengers and privacy

●     [02:33] Evolution of messaging platforms

●     [12:10] The benefits of Signal Messenger

●     [16:20] Why disappearing messages are essential

●     [17:47] Closing thoughts

Welcome to the Intentionally Inconvenient Podcast! In this episode, host Tim Jensen explores the crucial role of virtual private networks (VPNs) in safeguarding online privacy. He clarifies how VPNs work to hide your IP address, showing their necessity in defending personal data from ISPs, cybercriminals, and unauthorized access. Tim provides tips on choosing an effective VPN, dispels misconceptions about digital anonymity, and features the significance of managing one's online identity. He invites the audience to embrace VPNs as an essential part of their approach to maintaining internet privacy.

Standout Quotes:

• “It's nobody's business who you are and what you're doing on the internet. It's not the ISP's business, the website you visit's business, or the business of hackers and identity thieves.”
• “Anonymity in this society is a myth. No matter what VPN companies may advertise, it will not make you anonymous.”
• “Remember, if the product is free, you are the product. You don't want to be using a free VPN any more than you want to use free email.”
• “A VPN is not a fad. They're going to be here for a long time because they serve a valuable purpose of keeping people away from being identified.”

Key Takeaways:

• Evaluate Your VPN Needs: Reflect on your online activities and decide if a VPN is necessary for your situation. Consider how it might improve your online privacy.
• Research and Choose Wisely: Investigate different VPN providers and choose one that aligns with your privacy goals, keeping in mind factors like logging policies and customer reviews.
• Understand the Limitations: Clearly recognize what a VPN can and cannot do. Acknowledge that while it enhances privacy, it doesn't guarantee complete anonymity.
• Check Local Laws: If you travel, be aware of the legality of VPN usage in various countries to avoid any legal complications.
• Regularly Review Your Privacy Tools: Beyond a VPN, ensure your entire suite of privacy tools is up to date and serving its purpose effectively.

Episode Timeline:

[00:01] Introduction

[00:26] What are VPNs?

[03:30] The importance of keeping your IP address private using a VPN

[05:38] VPN misconceptions

[07:41] Proton VPN

[10:10] VPN differences

[12:40] Recap and final thoughts

[13:47] Outro

Welcome to the Intentionally Inconvenient Podcast! In this episode, host Tim Jensen addresses the critical issue of password security, introducing listeners to essential tools like complex passwords, password managers, and OnlyKey. He walks through how each tool functions, why they are crucial for safeguarding personal data, and shares practical tips for integrating them into your daily routine. Tim encourages listeners to consider the broader implications of digital security and prepares them to take proactive steps in the ever-evolving battleground of online privacy.

Standout Quotes:

• “If you can remember it, it's not good enough. Each login should have a unique password.”
• “We don't use the same password for all our logins because the minute someone knows your email address and the password you use frequently, they can guess and phish around wherever else they can go.”
• “If you make it easy for yourself, you make it easy for a hacker. You will get used to it. It will become easier and less complex as time goes on because you're going to go through the same routines over and over again.”
• “The longer it is, the stronger it is. Complexity is important.”

Key Takeaways:

• Audit Your Passwords: Assess your current passwords. Are they complex enough, including uppercase and lowercase letters, numerals, and symbols? If not, make them so.
• Implement a Password Manager: Start using a password manager like ProtonPass to securely store your unique and complex passwords, ensuring you aren’t using the same password across multiple logins.
• Consider Using Hardware Security Devices: Explore tools like OnlyKey for an added layer of security, enabling offline storage and self-destruct capabilities for your most sensitive passwords.
• Educate Yourself on Digital Security Tactics: Stay informed about the latest security threats and defenses. Make it a habit to regularly update your knowledge to protect against emerging risks.
• Challenge Yourself to Strengthen Online Security: Reflect on how easily a cybercriminal could access your accounts. What steps can you take today to fortify your digital defenses?

Episode Timeline:

[00:01] Introduction

[00:41] Securing your passwords and password managers

[02:36] Managing passwords with ProtonPass

[06:00] The importance of password length and OnlyKey

[13:10] Final thoughts

[13:58] Outro

Welcome to the Intentionally Inconvenient Podcast! In this episode, host Tim Jensen tackles the ever-present threat of identity theft, introducing listeners to three essential tools for safeguarding privacy: fraud alerts, credit freezes, and credit locks. He explains how these measures work, why they’re vital, and offers step-by-step guidance for implementing them effectively. But reclaiming your privacy doesn’t stop with credit bureaus—Tim also teases future episodes dedicated to tackling broader security challenges.

Standout Quotes:

• “You can always reclaim your privacy. You just have to work at it. It's not going to happen by accident.”
• “You need to exist everywhere online. If you limit yourself, you’re not going to succeed. You can’t restrict yourself to just a small part of the marketplace because your competition, I guarantee you, is reaching out further.”
• “You’re welcome to spend your own money—it’s yours, and you can do whatever you want with it. Spend it as you wish. However, to prevent identity theft, you don’t need to spend money, though you’re welcome to if you prefer.”
• That’s what identity theft is about—making it so they can rob you blind through the credit bureaus and the credit system.”

Key Takeaways:

• Freeze your credit with the 5 major credit bureaus (TransUnion, Experian, Equifax, NCTUE, Innovis) to prevent identity theft and unauthorized credit applications.
• Set up a fraud alert with the 3 major credit bureaus (TransUnion, Experian, Equifax) to add an extra layer of protection.
• Evaluate your business's online presence - are you consistently posting on platforms like LinkedIn, YouTube, and Facebook? If not, it may be time to reevaluate your strategy.
• Reflect on whether you're truly "limiting yourself" in your business or if you could be reaching a wider audience by expanding your online footprint.

 Episode Timeline:

[00:01] Introduction

[01:28] Protecting your identity with credit freezes and alerts

[03:22] How podcasting services can simplify your workflow

[07:32] Steps to freeze your credit at all major bureaus

[12:04] Why fraud alerts and locks might not be enough

[14:20] Final tips for staying safe from identity theft