+ from a bookmark. If after clicking a link in an email you are directed to a
+ log in page, it's probably a phishing attempt
+* Only log in to webpages that are protected by SSL/TLS (HTTPS). Look for a
+ green address bar, or a green lock icon or similar in your browser
+* Use two factor or two step authentication everywhere if possible
+* Turn of automatic image rendering. Better still, disable HTML rendering and
+ authoring entirely in your email client
+* Be suspicious of *all* emails. Risky things: HTML email, images, unknown
+ sender, poor spelling/grammer, 'Your email client can't display this email,
+ click here to view in your browser' or similar attempts to coerce you to click
+ on things
+
+Resources
+---------
+
+`EFF notes on Diceware`_ They generally have good advice for these kinds of
+topics.
+
+`This Presentation`_
+
+`Keepass`_, an offline password manager
+
+`1Password`_, a pay to use password manager with some nice features
+
+`LastPass`_, an online password manager with a gratis tier
+
+.. _Diceware: http://world.std.com/~reinhold/diceware.html
+.. _EFF notes on Diceware: https://www.eff.org/dice
+.. _This Presentation: https://git.friedersdorff.com/max/intro_dice_and_pmgmnt
+.. _Keepass: https://keepass.info/
+.. _1Password: https://1password.com/
+.. _LastPass: https://www.lastpass.com/
+
+
+.. target-notes::