Click here to download a PDF of this Guide.
- Identify information you want/need to keep private
- Bank account and social security?
- Identity and reputation?
- Family photos?
- Protect your sensitive information and accounts. If you get hacked, you may experience a massive invasion of your privacy.
- Use unique, complex passwords.
- Use two-factor authentication (2FA, 2-Step) for improved security when accessing important online accounts, if available.
- Encrypt your data on all devices;. Consult a professional, if necessary.
- Quarterly, check to see if your data has been exposed (because a company with your personal data has been hacked) at https://haveibeenpwned.com . Change passwords as needed.
- Limit information sharing
- Avoid entering contests/surveys, mailing in warranty cards and excessive posting on social media.
- Minimize sharing of your cell phone number. Consider setting up a mobile number alias for unimportant accounts (e.g. Google Voice to forward texts and voice calls to your real number).
- Set up personal email address aliases for your important online accounts (financial, medical, government are important; everything else is unimportant). Gmail, Outlook, iCloud, and Yahoo email are examples of services that offer the ability to set up aliases.
- Minimize sharing your contact list and location with apps.
- Review sharing and privacy settings for all online accounts at least two times a year. Be sure to tell them not to share your data to third parties.
- Hide your internet activity
- Use a virtual private network (VPN) service when using a Wi-Fi network at an airport, restaurant or other public place. Well-regarded VPN services include NordVPN, Private Internet Access VPN and TunnelBear VPN.
- Consider using a privacy-focused search engine, such as DuckDuckGo.
- Minimize tracking of your browser activity by using “incognito” options or installing a blocking extension, such as Privacy Badger, Ublock Origin, or Ghostery.
- Delete or obscure unnecessary data on your devices periodically, especially if files are not encrypted.
- After switching to a new device, carefully erase all files from your old device. Consult a professional, if necessary.
- Periodically clean up stale personal data on websites. For old unimportant accounts, consider updating with false data and then deleting accounts after 30 days.
- Document the things you have done on this list, especially aliases, as time will pass and you may need the information in the future.