* Slightly advanced tips
Understand why maintaining privacy is important. Start here:
Always look for well known open source alternatives to services that you use:
Start by using reliable open source web browsers:
Install privacy addons:
See also: Recommended privacy addons for Firefox.
Use a search engine that doesn't log your search queries:
Disable tracking, fingerprinting, cryptominers and telemetry from browser preferences. Clear cookies frequently, disable location access to sites and cover your webcam unless necessary.
Quit using Google, Microsoft, Apple, Facebook products for personal/sensitive use cases.
These companies are great for security of your data (for the most part), they hire top engineers from around the world but are worse for your privacy, esp. if they rely on advertisement for their revenue. If you have to use Google, go to your account settings and turn off all the activity controls and ads personalization. Go through similar settings on your dashboard for other accounts.
Always choose "Sign up with Email" while signing up on websites. (?)
Unless mandatory, you should not continue with social signup (Sign up with Google/Microsoft/Twitter/Facebook/Apple/Amazon, etc).
If you are required to do so, take care of what scopes and information you are permitting the service to use. Platforms usually provide a way to manage this info from your account settings:
Create separate email accounts/aliases for signups, newsletters, communication, banking, music, gaming, etc.
Many email providers like ProtonMail and Google allow for unlimited aliases by adding a dot(.) in your email username. For example, ricksanchez@protonmail.com
and rick.sanchez@protonmail.com
or ric.ksanch.ez@protonmail.com
are essentially the same addresses. The messages sent to either of these address will arrive at the same inbox. This tip won't work for Tutanota. These services also allow plus addressing. For example, john.doe@gmail.com
or john.doe+twitter@gmail.com
are the same. You can use these tricks to create aliases for signing up on different sites without putting your main address everywhere.
Avoid using the same username across multiple platforms and websites.
Your first priority should be using a long, unique and random password for every site but having different usernames is also important. Tools like sherlock can be used to hunt down your identities across sites within seconds. Use a random username generator. For random passwords, I use this DuckDuckGo query and my password manager. There are tons of strong password/pass-phrase generators that you can use. Ideally, you should also use randomly generated strings as answers to your security questions for sites that require them and save them on your password manager using custom fields.
Research in advance if the service you're signing up for allows for an (easy) way to delete your account. You might regret later when you find out you can't delete your account/subscription. Some websites have tricky account deletion procedure:
Read this post on Hacker News: Before buying a NYT subscription, here's what it'll take to cancel it
Make use of email aliases or email forwarding services:
Use disposable email addresses for temporary signups:
Use alternative frontends for platforms like YouTube, Twitter, Reddit, and Instagram:
Use Privacy Redirect addon that redirects Twitter, YouTube, Instagram & Google Maps requests to privacy friendly alternatives.
Instead of liking/saving anything on Facebook, YouTube and social platforms, use an end-to-end encrypted bookmark service like Firefox Sync.
Platforms these days track everything from what your see, what you click on, share or comment on, and even how long you looked at a particular item on your feed. Reduce your digital footprint as much as you can. Export your personal data from Facebook, Google from your account settings and work on deleting all of it.
Use decentralized services if you need:
Use end-to-end encypted messaging applications for communication:
Use E2E encrypted email services:
Use E2E encrypted note-taking apps:
Use E2E encrypted cloud storage solutions:
Encrypt your files before uploading them to Dropbox, Google Drive or Microsoft OneDrive:
Use a reliable VPN:
*Use a better DNS resolver:
*Use Linux/BSD:
*Switch the OS on your smartphone:
*Self-host software on your own server by renting a VPS.
*Use PGP for encrypted communication.
Use an open source password manager:
Enable multi-factor authentication on as many accounts as you can. Use an authenticator app like FreeOTP or Aegis instead of giving out your phone number to services (Don't forget to set necessary recovery options and backup 2FA recovery codes for important accounts!).
Monitor if you’ve been part of an online data breach:
This is just a list of the most basic options for getting started on digital privacy. There are comprehensive guides, articles, books and websites for more advanced tips. Make sure to research every option thoroughly to determine what works best for you.