Short Update: March 2024

Happy Sunday, fans! Or anyone who randomly stumbled upon this article. Except for you, Kyle...

Short Update: March 2024
The current state of my garage. Photo by CHUTTERSNAP / Unsplash

When we last met, I made grand promises about doing more lab assignments, volunteering, and stealing the Mona Lisa. Admittedly, that last one is a stretch goal, so I'm not concerned that I haven't pulled it off yet. For the rest, here's where we're at:

The Lab is Back - Kinda...

I have regained access to my office space and no longer work from my secondary desk (i.e., the standing desk that is my dresser). Say what you will, but running multiple VMs on a single laptop screen is not my idea of a good time; I need my three-monitor setup! That said, I have my old workspace up and running again. The downside: I'm about to depart for a prolonged business trip, which will keep me from doing my planned deep dives into lab work. The upside is I'll have more time to study while I'm abroad. But then I'm moving to a new place shortly after I return from my trip. I might get to lab work soon, but I might not. Just remember my promise to you, my readers, when I made this site.

CompTIA Sec+ Remains Priority One

As mentioned last month, the Sec+ exam is my next certification goal. I'm not rushing the learning process; if I intend to apply what I've learned to a cybersecurity role, I'll need to comprehend the material and use it as a jump-off point to study less familiar subjects. Despite the slow pace, I need to earn my certification no later than June 2024, as it's required for my Skillbridge program. Thus far, I'm making good progress through my study material, and it looks like Testout has updated its courseware with CompTIA's inputs. Testout now includes performance-based and ambiguously worded questions in the style seen on CompTIA's exams.

Volunteering Continues

If you recall, last month, I applied to work for a non-profit, the Leader Transition Institute. I should have an update on that by the end of this month. The interview process turned out to be less violent than I anticipated; I didn't even need to use my nunchucks. While I'm waiting to hear back, I'll be volunteering in other areas that are local to my community. I'll be at San Diego B-Sides this month as part of the security team. If you're at the conference, be sure to say hi and snap a selfie.

Unless you're Kyle. Seriously, Kyle, we will notify the cops if you show up. The restraining order remains in effect until next year.

Quick Tip: Stop Procrastinating; Get a Password Manager

Every website these days requires us to create a username and password to use their services. Such is the price we pay in this digital age. However, the sheer number of accounts we collect over the years creates a growing risk if we're not careful about keeping tabs on all those passwords. Humans suck at creating passwords, and we're even worse at remembering all of those passwords. That is probably why the top reused passwords over the years have been '123456', 'password,' and '1234567890'. Not only are these terrible passwords, but if they're used for more than one account, a malicious actor suddenly has access to 10 accounts versus just one. Even if you use a throwaway password for your 'Tom Brady Sucks' fan page, odds are that password is a variation of the one used for more critical accounts, like your email or online bank account (i.e., TomBradySucks and TomBradySucks123). This is where the password manager comes into play.

Password managers not only store the account details for all your online personas securely, but they can create unique, random, and complex passwords for every single account. Moreover, the password manager is only available on devices you set up using unique tokens, a master password, and multi-factor authentication. Many password managers seamlessly integrate with multiple operating systems, mobile devices, and web browsers. I prefer 1Password, but just about any of them will do a better job than your current system (we know about the note on your iPhone...). The drawback of using these services can be the subscription costs; however, Bitwarden provides essential password management services for free. Please do your research, pick one that works for you AND your family, and use it for your most important accounts first.

Check out this article here for a more detailed breakdown of why password managers are so essential and recommendations on the top services.