Why Online Privacy Still Matters

Privacy isn't about having something to hide — it's about having control over your own information. In a world where data brokers, ad networks, and cybercriminals all have financial incentives to collect as much about you as possible, taking basic steps to protect your digital footprint is a practical act of self-defense. The good news: you don't need to be a security expert to make meaningful improvements.

Start With Your Passwords

Weak or reused passwords remain one of the most common ways accounts get compromised. The fix is straightforward:

  • Use a password manager. Tools like Bitwarden (free and open-source), 1Password, or the built-in managers in Chrome and Safari generate and store strong, unique passwords for every site.
  • Never reuse passwords across different services. If one site is breached, every account sharing that password is at risk.
  • A strong password is long (16+ characters), random, and unique. You don't need to remember it — your password manager does that for you.

Enable Two-Factor Authentication (2FA)

2FA adds a second layer of verification beyond your password. Even if someone steals your password, they can't log in without also having access to your second factor.

  • Best option: An authenticator app like Aegis (Android), Raivo (iOS), or Google Authenticator generates time-sensitive codes.
  • Good option: A hardware key like a YubiKey for your most critical accounts.
  • Acceptable but weaker: SMS codes — better than nothing, but vulnerable to SIM-swapping attacks.

Enable 2FA on your email, banking, and social media accounts at minimum.

Review App Permissions Regularly

Apps on your phone often request far more access than they need. A flashlight app doesn't need your contacts. A game doesn't need your location.

  • On iPhone: Settings → Privacy & Security — review permissions by category.
  • On Android: Settings → Apps → Permissions Manager.

Revoke any permissions that don't make sense for the app's function.

Use a More Private Browser and Search Engine

Your browser and search engine collect significant data about your habits. Consider these alternatives:

  • Browser: Firefox (with uBlock Origin installed) or Brave offer strong privacy defaults without sacrificing usability.
  • Search engine: DuckDuckGo or Startpage deliver real search results without building a profile on you.

Be Careful With Public Wi-Fi

Public Wi-Fi networks in coffee shops, hotels, and airports are convenient but risky. Data sent over unencrypted networks can be intercepted. Mitigations include:

  • Using a reputable VPN (Virtual Private Network) when on public networks. This encrypts your traffic even on insecure connections.
  • Avoiding accessing banking or sensitive accounts on public Wi-Fi when possible.
  • Preferring your phone's mobile data over unknown Wi-Fi for anything sensitive.

Audit What You Share on Social Media

Social media is designed to encourage sharing — often more than is wise. Practical steps:

  • Review your profile's privacy settings and limit who can see your posts and personal details.
  • Avoid sharing location data in real time (wait until after you've left a place).
  • Be skeptical of quizzes, personality tests, and third-party apps requesting access to your account — these often harvest data.

Check for Data Breaches

Visit haveibeenpwned.com and enter your email address to see if it's appeared in any known data breaches. If it has, change the affected account's password immediately and enable 2FA.

A Priority Order for Getting Started

  1. Set up a password manager and update your 5 most important account passwords.
  2. Enable 2FA on email and banking accounts.
  3. Install uBlock Origin in your browser.
  4. Review and revoke unnecessary app permissions on your phone.
  5. Run your email through HaveIBeenPwned.

Privacy improvement is a process, not a single action. Start with step one, work through the list over a few weeks, and you'll have significantly reduced your exposure to the most common threats.