Important tools to improve your privacy and security

Getting privacy and security right doesn't require perfection. With a few well-chosen tools and good habits, you can significantly reduce risk across your devices and online accounts.

Passwords and authentication

Getting started with password management

• Use a password manager to generate and store unique, long passwords for every site and service.
• Create a strong master password and keep it secret; consider using a passphrase.
• Enable two-factor authentication (2FA) wherever possible.
• Prefer authenticator apps (such as Google Authenticator or Authy) or hardware security keys (FIDO2/WebAuthn) over SMS-based codes.

Strengthening access with hardware keys and 2FA

• Hardware security keys provide strong protection against phishing and credential theft.
• Use 2FA on your most important accounts (email, financial services, cloud storage) to add an extra security layer.

Secure communications

End-to-end encryption basics

• Choose messaging apps that provide end-to-end encryption by default (for example, Signal).
• Be mindful that metadata (who you talk to and when) can still reveal patterns even if messages are encrypted.

Email and other private channels

• For email, consider providers and tools that support encryption in transit, and explore user-friendly options like end-to-end encryption for specific use cases.
• For advanced users, learning about PGP/GPG or S/MIME can offer additional control, though it requires key management.

Browsing and tracking protection

Harden your browser and settings

• Use a privacy-minded browser (e.g., Firefox or Brave) and tighten settings: block third-party cookies, limit fingerprinting, enable HTTPS-Only mode where available.
• Turn on browser protections that block trackers and ads, and consider Do Not Track with a grain of salt.
• Use a privacy-focused search engine when convenient.

Extensions and protections

• Add privacy extensions judiciously: tracker blockers and script controls can reduce data leakage, but may break site functionality.

Private networking and devices

When and how to use a VPN

• A reputable VPN can protect on public Wi-Fi and reduce casual surveillance; choose a provider with a transparent no-logs policy and strong privacy practices.
• Avoid trusting VPNs with more data than necessary; understand what is logged and where data may flow.

Other network/privacy tools

• For high-sensitivity usage, consider Tor, understanding it can slow browsing and may be blocked by some sites.
• Enable DNS over HTTPS (DoH) or DNS over TLS (DoT) to encrypt DNS queries where supported.

Device security basics

• Keep devices updated with the latest security patches and enable automatic updates.
• Enable screen lock and remote wipe where possible.
• Turn on full-disk encryption (BitLocker on Windows, FileVault on macOS, LUKS on Linux).

Backups, encryption, and device security

Encrypted backups and recovery

• Regularly back up important data to encrypted backups (offline or trusted cloud storage with encryption).
• Verify you can restore data from backups in case of device loss or failure.

Permissions and access control

• Review app permissions and minimize access to data and sensors you don’t need.
• Use reputable security software where appropriate, and be cautious with unknown apps.

Getting started: quick-start plan

• Pick a password manager and set a strong master password.
• Enable 2FA on your most important accounts.
• Enable device encryption and a secure lock screen.
• Use a privacy-focused browser with tracking protections and consider a DoH-enabled DNS.
• If you frequently use public Wi-Fi, evaluate a reputable VPN and learn the basics of encrypted communications.