Skip to main content
← All posts

Tech Tips

The 10-Minute Online Privacy Checklist Everyone Should Run

You don't need a hoodie and a Faraday cage. Ten small changes get you 80% of the way to real privacy. Set aside 10 minutes right now and knock these out.

1. Password manager — non-negotiable

Install Bitwarden (free) or 1Password. Generate unique passwords for every account. Reusing passwords is the single biggest cause of hacked accounts.

2. Turn on 2FA everywhere important

At minimum: email, bank, primary social accounts. Use an authenticator app (Aegis, Raycast, 1Password) — not SMS, which can be SIM-swapped.

3. Check haveibeenpwned.com

Enter your emails. If they show up in breaches, change those passwords now.

4. Lock down Google / Apple / Microsoft account

Each has a "Security checkup" page. Run it. Remove old devices and revoke app permissions you don't recognize.

5. Use a private browser

Firefox or Brave, with uBlock Origin. Blocks trackers and ads. Chrome is fine functionally but is a data-collection product first.

6. Change your default search engine

DuckDuckGo, Kagi, or Startpage. Google's search history is one of the richest personal data trails you leak.

7. Turn off ad personalization

  • Google: myactivity.google.com → Ad Settings → turn off
  • Facebook/Instagram: Settings → Ads → Ad preferences
  • Apple: Settings → Privacy → Apple Advertising → off

8. Review app permissions on your phone

Which apps have location, mic, contacts? Most don't need them.

  • iPhone: Settings → Privacy & Security → Location Services (and Microphone, Contacts, etc.)
  • Android: Settings → Privacy → Permission manager

Revoke anything suspicious. Most "free" flashlight/weather apps sell your location data.

9. Use aliases for signups

Services like SimpleLogin, DuckDuckGo Email Protection, iCloud Hide My Email give you disposable email aliases. Sign up with an alias; when it starts getting spam, kill it.

10. Consider a VPN — but only for real reasons

Not a privacy silver bullet. Useful when:

  • On public Wi-Fi
  • Bypassing geo-restrictions
  • Traveling to censored countries

Mullvad, ProtonVPN, IVPN are trustworthy. Skip free VPNs — you're the product.

What NOT to worry about (usually)

  • Incognito mode "for privacy" — it only hides history from your device
  • Facebook "listening" through your mic — it's actually just very good targeting from other data
  • Tor for regular browsing — overkill and slow

Once a year

  • Run haveibeenpwned again
  • Review authorized apps on Google/Apple/Facebook
  • Delete accounts you no longer use (justdeleteme.xyz helps)

That's it. You just did more than 95% of internet users.

4 min read

More Tech Tips guides