39:10 this is the best advice of the whole talk. So clever. Thank you!

19:50 I'm still surprised that people actually answer "security questions" honestly. Want to make them more secure? Easy: - What's the name of your first pet? - lke5tCa083$smcui932nfaKenCHq3/fsd or something like that. Also, "security questions" are awful.

use password manager and how if the password manager is hacked or open a backdoor ?

run a totally separate network and computer and monitors for your employees to surf the web check Facebook and their phones WiFi they are going to do it anyway behind your back.

why are they making certificates for people without a strong verification of their identity, like a smartkey / yubikey or something, or at least some crypto signing

Well I have a few methods of preventing infiltration: Change password regularly every 3 months...and use combination phrases / words mixed with numbers and "special characters" Use Linux with SElinux enabled, and set access controls granularly Install and run regularly ClamAV / RKHunter / CHRootkit on all files and sectors Do not keep any device actually running when I'm not using it (locking your PC screen to go eat dinner, or answer the phone etc.) Don't use Apple products Don't use Microsoft products And if all else fails? Just "unplug" for a few months.

my my Johannes has same tone in real life as well

What if each cloud scans the last 4? (variable so nobody can guess) seconds of connections to see what are linking up with the same send away and bring in information. Only take a terrabyte of RAM per second surely? I'm no hacker but I'd just create two or more windows at home exactly the same, all codes the same, and one is overlapping fake with links to another site What does that do? Think about it, if you leave the fake one(s) open, while the proper says passwords you the hacker typed in are no good, then when the actual owner of the password goes to type in the password, the fake window one will overlap from anywhere in the world and see the real password typed. There'd be a way to to leave the fake window open without the host website knowing anything, maybe it was left open after trying to place in your own password in fake password account holder as well. I cannot do it as know nothing of code but bet someone out there is doing this....?? Simply you'd bring up two windows then change everything in the fake one to match the real window then overlap etc.... Please nobody go and do this. It's important to trust each other and trust each others works online