So you’ve gotten over the “I have nothing to hide” argument and realized that losing control of your online privacy can be a nightmare. That’s great! But now you’ve got to take action.
Protecting your privacy can seem like a daunting task, but fear not. You don’t have to give up on the internet, you don’t have to get a Ph.D. in applied physics, and you don’t have to spend your days and nights plotting out sophisticated anti-hacking schemes. A journey of a thousand miles begins with a single step, right? We’ve mapped out that first step for you, with these three tips for beginning your online privacy journey.
Get a password manager
Here are a few techniques for handling all of the passwords you may have:
- Write everything down on a piece of paper and hope it doesn’t get lost or burned
- Use the same password everywhere and see how long it take before one login ends up on the dark web and gets used to hack every single account you own, resulting in your bank accounts being drained, credit cards getting maxed out, and a mortgage being opened up in your name
- Create unique passwords for all 200+ of the online accounts you have and carefully construct a memory palace for each
- Get a password manager
If you want to chance it on options 1 and 2, be our guest. If you have the mental stamina for option 3, have at it. For the rest of us, a password manager is one of the most effective ways to protect online accounts.
They’re simple—any time you create an online account, just jump into your password manager and create a new login. You can have a new, secure password automatically generated that you can copy and paste into the app or website. Most password managers will sync logins across your devices, and their browser extensions will fill in passwords for you without having to copy and paste. And all of your logins will be enclosed in a highly encrypted database with just one master password for you to remember.
Besides the obvious benefit of never having to memorize another login, password managers are the perfect antidote to security breaches. The next time there’s a large-scale user database hack, just use your password manager to create a new, secure login.
Turn on 2FA
Two-factor authentication (2FA) is the official name for that thing that likely happens whenever you log in to your bank’s website. You know, after you’ve entered your password, when they make you enter a code sent to your phone or email before you can get in. Even if your password gets compromised, someone would need access to your phone or email, too, before they could get into your account.
It’s not limited to banks, and 2FA is one of the smartest moves you can make to protect your privacy. Start by visiting twofactorauth.org to browse an extensive directory of websites offering 2FA. Find the sites you’re using and set up 2FA one by one.
Bonus points if you use an authenticator app or hardware key instead of SMS-based 2FA. SMS isn’t the most secure technology to begin with, and, well, read on to find out why giving companies your phone number isn’t the best practice.
Don’t give out your phone number
It’s become pretty common for mobile apps to ask for your phone number during signup. While it might seem harmless, those ten digits are a really big, really critical piece of the puzzle that is your identity. Along with your email address and social security number, it’s one of the few easily shareable pieces of personal information that no one else can claim.
So when an app requests your phone number, ask yourself, Is this necessary? If your phone number is an integral part of the service—e.g., if the app forwards calls to your phone—then it makes sense. But if not, think twice. It may just be a way to grab your number to add to an advertising profile. Besides the robocalls and spam, it’s a way of connecting your actions in one place with those in dozens of other places. That’s exactly what happened in 2019 when Twitter harvested user phone numbers provided for 2FA and handed them over to their advertising group.
In some cases, you may just choose to not sign up for an account. But if you really, really, absolutely, positively must have the app, there’s another option: a Burner phone. Create a second phone number in our app and you’ll be able to sign up for accounts without giving out your regular number.
Balancing it out
Okay, okay, so none of these tips are what we’d call convenient. But protecting your online privacy is always a balance between security and convenience. We’re squarely on the side of giving up some convenience to gain security, and we think it will be worth your time. Go ahead—take the first step.