– Protecting Your Most Critical Data

Published November 18, 2024 | By Glenn

Protecting Your Most Critical Data

We all have critical apps, accounts, and devices to which we can’t afford to lose access. However, your digital and online services are at risk unless you take proactive steps to secure the information needed to recover after a catastrophic event. It may be as simple as losing your phone or all your devices due to a fire, flood, tornado, or theft.

We assume you are using a Password Manager to create, store, and protect your most valuable data: your passwords, passkeys, authenticator keys, and secure notes. A password manager makes it easy and convenient to safely store almost everything you need to get back and running after losing access to accounts and services. You may also have a separate TOTP (Time-based One-time Password) app for your phone. Being secure in today’s world requires a password manager and two-factor authentication.

Losing access to your password manager and TOTP device will keep you from accessing online services and your computer.

Protecting yourself can be as simple as keeping a printed document and thumb drive containing the necessary information to recover your critical accounts and devices. You must create this document or thumb drive without leaving any traces on your computer and store it securely, protected from prying eyes and disaster, in a fireproof safe or, better still, a safe deposit box.

Emergency Recovery Accounts and Devices List

Password manager
Secure online backup (Proton Mail and Docs)
TOTP app
Primary email account
Computer account recovery

Necessary Recovery Information For Emergency Recovery Info

Nane or account or device
Username
Password
Authenticator seed
Backup hardware authenticator key (ID and location)
Recovery phrase
One time codes

Note: You should record as much recovery information as the service offers.

Caution: Choose carefully the editor you use for this task. Tools like Microsoft Word, Google Docs, and almost any other editor can and will leave copies of your document behind either on your hard drive or in the cloud. You must avoid leaving traces of this information at all costs. If you have a Windows computer, the built-in Notepad app is safe to use, but never save your work to the “C” hard drive; instead, use a thumb drive that will be stored securely when not being updated. Or create your list in Notepad, print it, and discard it without ever saving it.

I accomplish several of these requirements using Proton Drive, which is part of the free Proton Mail account. It is similar to Gmail and Google Drive, except it is end-to-end encrypted. Anything you edit in the Proton document editor is secure, leaving no traces behind on whatever device you use to create and edit a document. (see Appendix A)

Create your free Proton Account. Remember, this account will hold all of your secrets. It needs a high-quality password and two-factor authentication that is as robust as what you use with a password manager.

Log into your new Proton Mail/Drive account. Create a new document where you will enter the recovery information for all of your critical accounts and devices, including the recovery information for this Proton Mail account. Like Google Drive, everything is saved to the Proton cloud but secured with end-to-end encryption. Of course, you should print this document, and if you want, download it to a thumb drive for secure storage.

I also create a document containing the QR codes, authenticator seed, and 2FA backup or recovery codes for all accounts using 2FA (about 80 at this writing). Having the QR codes and authenticator seed double-protects my 2FA recovery information. It also makes it easy to recreate phone app data if disaster strikes.

See Appendix B for suggestions for Sample Recovery Information.

Appendix A

Is Protion docs secure in my browser when editing?

Editing using Proton Docs is very secure because it uses end-to-end encryption, meaning even your keystrokes and cursor movements are encrypted. End-to-end encryption prevents anyone, including Proton itself, from seeing your document content unless you explicitly share it with them; this makes it a highly private option for online document editing compared to other services like Google Docs.

Key points about Proton Docs security:

End-to-end encryption: All data, including document content, keystrokes, and cursor movements, are encrypted throughout the editing process.

Open-source code: Proton’s open-source encryption algorithms allow independent security audits to verify their effectiveness.

Appendix B

Sample Recovery Information

Emergency Recovery Info

BitWarden PW manager
Username
Password
Authenticator seed
2FA recovery code:
Hardware token Yubukey
BW fingerprint phrase:

Proton Mail contains backups
Username
Password
Authenticator seed
Recovery phrase
One time codes