A simple list of best practices for online privacy and security. Each item comes with an explanation and an immediate step you can take.
The first, and most important: Use a password manager. Don’t use LastPass. A password manager creates a unique password for your online accounts and helps manage your logins. For each website that you reuse a password on, the possibility of that password getting leaked and stolen increases. Password managers also monitor leaks and will try to tell you if one of your password is compromised.
But why would someone hack me? What happens is people don’t hack you. What happens is some database with unprotected passwords gets leaked, then hackers get the accounts, then they try the details on every service to see if it works. That’s why reusing passwords is a bad idea.
Virtual cards are temporary debit cards that you can use to pay online. You can have more than one associated with the same account. A virtual card has 2 main purposes:
- Security: Just like unique passwords, a virtual card protect the actual credit card details from being stolen. And the card can be deactivated more easily than a physical card.
- Subscriptions: Each virtual cards can have custom expiration dates. So if you want to watch a show on Apple TV and use the 7-day trial, you can create a virtual card that expires before the end of the trial. Then you won’t get charged accidentally if you forget to cancel.
The quickest of the bunch. Encrypting your hard drive only takes a few minutes, but it ensures that someone can’t get access to the data on your computer if you lose it. On macOS, it’s under
Security & Privacy →
A VPN is a software that routes all your Internet traffic through servers. A VPN encrypts your connection, masks your IP and protects your DNS. This is essential for digital nomads and others who need to rely on public Wifi in coffee shops, hotels, airports, etc.
It’s annoying, I know. The cheapest way to make backups is to buy a physical hard drive and put 10 mins in your calendar every month to do it.
In general, if you spend a day or more working on an offline document (like a keynote presentation), it’s a good practice to back it up at the end of the day.
When you use Facebook messenger, or Instagram/snap DMs, your messages are stored in plain text (at least by default). Just like with passwords, sometimes a database is breached, and everyone’s data gets leaked. The solution is encrypted messaging.
These services don’t keep the messages either, so even if they got hacked no one could read them either. (Although WhatsApp does share metadata which is why I recommend Signal.)