document updated 1 year, 1 month ago, on Aug 15, 2022
Classification of different types of my data
My data is classified by how confidential each is, and storage size.
The "Vault" — Small. The most confidential data I have. It's located in a few places:
The Offline Vault — Hardware 2FA, recovery codes, answers to security questions, and backups of software 2FA.
The Online Vault — Cloud-based password storage (password manager websites, browsers that synchronize passwords).
Somewhere in-between the two — Software 2FA that's confined to one device, and SMS 2FA.
The "Football" — A storage place for some of the above. It's a secure thumbdrive that I hide in my SUV, in case I need recovery codes or whatnot when away from home.
The "Blueprint" — Tiny. Only slightly less confidential than the Vault. — A document that contains:
a list of my cellphone providers, my bank websites, my OAuth providers, cloud computing providers, source code hosts, and my cloud-based backup locations
the security measures enabled for each service — password strength, whether hardware 2FA is supported, what specific recovery options are available, etc.
documentation of some of my low-level security procedures
(It's called "blueprint" because, if you can imagine somebody wanting to attack a castle, if they could get a copy of the castle blueprints it would probably be extremely useful to them, even if they didn't have access to any keys.)
"Backups" — Large data-store. I try to remove confidential information from my backups, but they likely contain more confidential info than I intend to (but scattered around in difficult-to-identify places), so they have to be kept encrypted. But their large size sometimes means that they (again, in their encrypted form) are stored in slightly less secure places.