Privacy guide

Practical steps to harden your digital life — sorted by what matters most. Start at the top and work your way down.

Critical

Password hygiene

Weak or reused passwords are the #1 entry point for attackers. Every account needs its own strong, unique password.

  • Use a password manager (Bitwarden, 1Password)
  • Minimum 16 characters — random, not guessable
  • Enable breach alert notifications
  • Never store passwords in a browser synced to an untrusted cloud
Critical

Two-factor authentication

2FA adds a second layer that stops attackers even when your password is compromised.

  • Use an authenticator app — Authy or Google Authenticator
  • Avoid SMS 2FA: SIM-swapping attacks are common
  • Enable on email, banking, and social accounts first
  • Save backup codes offline in a secure location
Important

Network safety

Your internet connection is a window others can look through — especially on public Wi-Fi.

  • Use a trusted VPN on any public or unknown network
  • Set your home router to WPA3 encryption
  • Change default router admin credentials immediately
  • Disable remote management on your router unless needed
Important

Browser privacy

Your browser tracks more than you think — from your location to every search term.

  • Switch to Firefox or Brave as your primary browser
  • Install the uBlock Origin extension
  • Block third-party cookies by default in settings
  • Use DuckDuckGo or Brave Search instead of Google
Good practice

Email security

Email is the primary vector for phishing, malware delivery, and account takeover.

  • Use an alias service — SimpleLogin or AnonAddy
  • Never click links in unexpected or unsolicited emails
  • Consider encrypted email like ProtonMail
  • Always check sender domains carefully before trusting
Good practice

Device hardening

Your devices are the endpoint — and often the weakest link in your security chain.

  • Enable full-disk encryption (BitLocker on Windows, FileVault on Mac)
  • Keep your OS and apps updated — patches close real exploits
  • Use a strong screen lock PIN (not face unlock in public)
  • Audit app permissions every 3 months

Ready to see what threats you face?

Browse the Threat Center to understand the most common attacks in 2025.

Go to Threat Center →