I don’t really intend for this website to be a personal blog, and instead more of a place where I can upload cool 3D stuff as I learn it. But since I’ve already made a couple of posts on my new build as well as once again running a Linux Desktop, I figured I’d make one final post on the last set of (overdue) changes I’ve made to my home setup - migrating my email, finally setting myself up with a password manager, 2FA everywhere, and fixing up my backups.
Emails
I’ve been using a run of the mill gmail account for years and years now but I wanted to use my own domain name for a few reasons:
- If Google ever terminated my current gmail account for some reason, I’d be screwed. With my own domain I can always switch providers in that (unlikely) scenario.
- Using my own domain name lets me make a more memorable address.
- I can use catch-all addresses so emails to
@benstorey.com will still be received.
The last point is also handy because I can give a different email address to each site I register for, and if I start getting spammed one day I’ll know exactly who the culprit is!
Password Managers
When password managers first became a thing I stayed away because the idea of having a single point of failure seemed quite scary to me. At some point I realised I should be using a password manager anyway, so now whilst I’m migrating all my online accounts to new addresses (see above) I’m fixing the passwords at the same time.
These days 1Password seems to be the best password manager you can get, but unfortunately it doesn’t work with my current browser of choice - Opera! I’m using Bitwarden now for all my password management needs and I’m very pleased with it.
2FA Everywhere
I had 2FA setup for some online accounts but I’d never made an effort to be strict about it, I just used SMS for codes and didn’t use an authentication app. My concern was that if I had 2FA setup everywhere and lost my phone one day, then I’d be in deep trouble right? Fortunately there are quite a few ways to mitigate this and I’ve taken all the steps below:
- I ordered a couple of U2F Security Keys for an additional 2FA method, one I can keep on me at all times and another as a backup in our home safe.
- I use Authy for authentication instead of SMS wherever possible and I’ve set it to share with my desktop too. This means that if I did lose my phone, I could de-activate it from home and then set it up again on a new device.
- For the recovery codes most sites provide, I keep these on a local KeePass database and not in my main password manager. It’s an extra password to remember but it’s there for me in the worst case scenario.
- For the password manager itself I even scribbled the backup code down on paper and put that in our home safe too.
There’s a lot of resiliency there so it seems hard to imagine a scenario where I could ever lose access to completely everything. It’s taken a lot of time to go through all of my accounts changing not only the email addresses and passwords but also setting up 2FA for all of them, but now that it’s all done it does feel really good to know I’m about as well setup as I can be.
Unfortunately for the U2F security keys most websites don’t support using them yet, but thankfully for me they are supported in the three most important places I need them: My password manager, My email host, and my domain registrar. For domains I’ve always used Active Domain because that was where I registered my first ever domain a long time ago, but I had to transfer everything out to a different one that supports 2FA and U2F.
Backups
So for backups I mostly care about keeping family videos and pictures safe and until now my process for backing up our phones has been very manual:
- Every few months I’d sync our phones to my computer over USB, and then merge with the existing files whilst deleting duplicates.
- Put them all into my Dropbox folder so I’ve an extra copy there.
- Manually copy them all to AWS S3.
This was a bit of a pain for many reasons. Syncing all the phones to my desktop was suprisingly hard, my Android phone always played nice but my wifes iPhone frequently had problems and wouldn’t sync. Having to delete duplicates is a bit scary because it always feels like it’s easy to mess it up and delete some real ones accidentally. I didn’t like using Dropbox only for backups because obviously if you delete it here then it’s gone everywhere (or get corrupted in one place, become corrupted everywhere) which is why I also sent everything to AWS.
Plan A: iDrive
My first plan was to dump AWS and use the much cheaper iDrive, whilst keeping the Dropbox account so I had redundancy in two places. I tried out iDrive for a week or so but eventually decided against it for a few reasons:
- It’s upload speed was painfully slow. 380GB took 78 hours to upload on my gigabit connection.
- The apps didn’t seem reliable and would sometimes show incorrect details, and also they seemed really noisy with lots of notifications I didn’t want to see.
- I’ve read lots of bad reviews with people complaining how terrible their customer service is and how difficult it is to cancel their accounts (I was in the initial 15 day period so didn’t experience this myself)
- Apparently restoring from iDrive is also suprisingly painful if it comes to that, backed up files aren’t versioned at all and they don’t always appear as you’d expect.
iDrive might be cheap but I didn’t want to be paying for a service that was just going to annoy me all the time. The experience with it was useful though, I hadn’t been using mobile apps for backup and knew now that this was a necessity going forward.
Plan B: Tresorit
So my second plan was to use Tresorit which I thought ticked all of the boxes:
- The UIs are really clean on all devices and operating systems. Most cloud providers don’t have Linux clients.
- Much faster upload speed than iDrive.
- It supports multiple devices for one paid account
- Supports sync in a Dropbox style but it keeps deleted files and previous file revisions forever, so I feel like it brings the best of both worlds.
- Tresorit doesn’t force you to store everything in the same directory, you can take any folder anywhere and “Tresor” it to also store it in the cloud. This is nice because whilst most my stuff is on a slow HDD, it’s nice knowing I could keep some files on the NVMe without needing to put everything there.
- A “file request” feature which lets other people upload data to my space when I need them to.
The obvious downside was that it was more expensive, but I figured you get what you pay for so I went with it. Unfortunately after a week of using it very happily I noticed that some 15-20% of pictures that were being backed up from iOS were corrupted and I couldn’t open them. That’s pretty much an immediate show-stopper, if there is any risk of data being lost through the apps themselves then I won’t use them.
Plan C: Dropbox + Duplicacy / B2
I always liked Dropbox and it’s never let me down, so now I’ve setup its Camera Upload feature on both of our mobile phones too (which honestly I should have been doing from the very beginning).
I don’t like using Dropbox as my only cloud backup though, so I went ahead and setup Duplicacy and signed up to Backblaze B2 for storage. B2 should be much cheaper than AWS for what I need, and Duplicacy should save me a lot of pain for what was originally quite manual work when I was trying to upload to AWS.
So after a lot of reading and experimenting and quite a bit of pain, I’ve almost done a full circle and ended up in a very similar place to where I started. My only real changes are that we now use Dropbox for camera uploads, and swapped out AWS S3 with a very similar offering with B2. At least I learned a lot along the way.
