Logo with initials

Privacy and security, quickly

──── 3 mins

A simple list of best practices for online privacy and security. Each item comes with an explanation and an immediate step you can take.

1 Password manager

The first, and most important: Use a password manager. Don’t use LastPass. A password manager creates a unique password for your online accounts and helps manage your logins. For each website that you reuse a password on, the possibility of that password getting leaked and stolen increases. Password managers also monitor leaks and will try to tell you if one of your password is compromised.

But why would someone hack me? What happens is people don’t hack you. What happens is some database with unprotected passwords gets leaked, then hackers get the accounts, then they try the details on every service to see if it works. That’s why reusing passwords is a bad idea.

How: Use BitWarden, it’s free. Pay for it if you can, or use 1Password (not version 8 though, it’s terrible).

2 Virtual debit cards

Virtual cards are temporary debit cards that you can use to pay online. You can have more than one associated with the same account. A virtual card has 2 main purposes:

  1. Security: Just like unique passwords, a virtual card protect the actual credit card details from being stolen. And the card can be deactivated more easily than a physical card.
  2. Subscriptions: Each virtual cards can have custom expiration dates. So if you want to watch a show on Apple TV and use the 7-day trial, you can create a virtual card that expires before the end of the trial. Then you won’t get charged accidentally if you forget to cancel.

How: Your bank might offer virtual cards, I know that Monzo and Wise do it in the UK, as does N26 in the EU and privacy.com in the US.

3 Encrypt your hard drive

The quickest of the bunch. Encrypting your hard drive only takes a few minutes, but it ensures that someone can’t get access to the data on your computer if you lose it. On macOS, it’s under Security & PrivacyFileVault.

4 Get a VPN

A VPN is a software that routes all your Internet traffic through servers. A VPN encrypts your connection, masks your IP and protects your DNS. This is essential for digital nomads and others who need to rely on public Wifi in coffee shops, hotels, airports, etc.

How: ⚠️ There’s a lot of scam in the VPN industry, be careful. I would only recommend ProtonVPN, Mullvad, IVPN, and Mozilla VPN.

5 Make backups

It’s annoying, I know. The cheapest way to make backups is to buy a physical hard drive and put 10 mins in your calendar every month to do it.

Otherwise, you can use an encrypted cloud storage service like sync.com, Tresorit, or Proton Drive.

In general, if you spend a day or more working on an offline document (like a keynote presentation), it’s a good practice to back it up at the end of the day.

6 Use Signal

When you use Facebook messenger, or Instagram/snap DMs, your messages are stored in plain text (at least by default). Just like with passwords, sometimes a database is breached, and everyone’s data gets leaked. The solution is encrypted messaging.

How: Encrypted messaging apps like Signal, Session, and WhatsApp encrypt your messages, meaning they can’t read them.

These services don’t keep the messages either, so even if they got hacked no one could read them either. (Although WhatsApp does share metadata which is why I recommend Signal.)

597 words