• identify
    • store everything in your password manager (maybe except, credit card’s CVV and some OTPs)
    • save list of connected devices
    • automatically scan for weak passwords
  • protect
    • consider stronger passwords, rotation, 2FA for more sensitive accounts
  • detect
    • monitor authorized devices
    • monitor suspicious sign-in notifications
  • respond
    • reseting passwords, 2FA, deauthorize devices
    • regenerate and save secret keys and recovery kits
  • recover
    • you can save your 2FA token for OTP flow recovery
    • store multiple copies of recovery kit (master password, 2FA token and secret key) but every single one with different set of secrets