Staying safe and private online

I do lots of things to keep myself as secure and private as I can online – so many that I figured I’d make a list.

Securing my devices

  • make sure all my devices are fully encrypted – that includes all phones, tablets, laptops, and external hard drives (plus some USB sticks)

  • make sure all my data is backed up – and where it’s backed-up it is encrypted at rest (my cloud backup tool of choice is Arq and I use a local Synology NAS and Google Coldline as my backup locations)

  • make sure I have USB recovery drives for my all Windows installs

  • make sure my computer is kept proactively and reactively secure using anti-virus and anti-malware tools (my AV tool of choice is the pre-installed Windows Defender and my anti-malware tool of choice is Malwarebytes)

Securing my internet connection

  • configure my router to use a secure, private DNS server (CloudFlare’s or Google’s Public DNS

  • configure my Android phone to use a secure, private DNS server when on 4G (on the latest Android phones go to: Settings > Networks & Internet > Advanced > Private DNS)

  • use a VPN whenever I’m on an even slightly insecure network – on both my laptop and smartphone (my VPN provider of choice is Mullvad)

  • turn on my router’s guest network (with network isolation) and connect all my non-computer internet-connected gadgets (TV, Blu-ray player, cable set top box, etc) through that

  • use an advanced router that supports enterprise-level intrusion prevention (in my case I use a Synology router and their Intrusion Prevention app)

Securing my browser

Update: Check out my follow-up post for my list of ‘Firefox extensions for privacy and security’.

Securing my online accounts

  • use a password manager to generate and store long, secure, unique passwords for all my accounts (my password manager of choice is LastPass)

  • use two-factor authentication to keep as many of my accounts as possible secure (check the excellent Two Factor Auth List to see which accounts and services you can set up two-factor authentication for)

  • keep a regular, close eye on the data that various online services and social networks have on me by going through their ‘security check-up’ processes (eg Google’s excellent Privacy Check-up)

  • check all my email addresses on Have I Been Pwned to see which online services that I have an account with have had their user data stolen – also sign up to their ‘Notify me’ service to get an alert every time any of my email addresses is found in a newly stolen user data set

Always be learning

  • keep up with the latest in security via things like the Security Now podcast, several blogs, and a bunch of security-related mailing lists

  • check the EFF’s Surveillance Self-Defense website for the latest guides

  • consider switching to “ethical, easy-to-use and privacy-conscious alternatives” to social media networks, online services, and software using the comprehensive (and growing) list on