10 Free Ways To Protect Your Privacy Online
July 19, 2021 · written by Giorgio
It can be hard to protect your privacy online. Which social network is tracking you? Which app is accessing your location? Which companies are tracking your browsing habits? The truth is, it’s a lot to keep track of these days. But there are plenty of ways you can take back control of your online identity and privacy.
Your personal information is a valuable commodity. It’s not only the key to your financial identity, but also to your online identity. Knowing how to protect your information — and your identity — is a must in the 21st century. - (Source: www.consumer.ftc.gov)
In this article, we’d like to share with you the tools and best practices we use every day to protect our identity online.
Our approach is nonjudgmental and focuses on compromise rather than absolute privacy.
We know 99.9% of the World is not ready to use Linux as their only Operating System, browse the web with Tor and say goodbye to social network. Thinking that’s possible is ludicrous.
However, each step towards a better handling of your security online is an important one. We swear it’ll be easy and fun! 🚀
Table of contents
Use a password manager
Are you familiar with how websites, especially gov-related ones, always say “choose something you will remember” when typing your password?
Yep… that’s… wrong.
You should not know your password to any web service you use online other than your password manager.
Let that sink in.
If you can remember your password (for example, your date of birth), it means your password is NOT secure.
If a human brain can remember it in 3 minutes, how much time do you think it will take a machine to get it? Exactly.
There are tons of password managers out there. Our favorites are:
- Bitwarden (open source)
- 1Password (great family plan)
- LastPass (industry-standard)
- Nordpass (from VPN-behemoth)
Most of them offer a free trial, and Bitwarden has a very generous free plan you can use to store unlimited passwords.
We discourage the use of browser-based ones, such as Google Chrome Passwords, as they tend to be very liable and not as universal.
For example, you can use Bitwarden from any device, while you can use Google Chrome Password only when using Google Chrome.
This defeats the purpose of having a password manager in the first place.
Also, Google Chrome Passwords are linked to your Google Account, which is not a safe way to store your passwords at all.
Read more about the security risks of using your web browser password manager.
When using a password manager, remember that your master password cannot be retrieved. If you lose it, you lose access to ALL your accounts. Keep it safe, and possibly off-the-cloud, like on a physical hard-drive or piece of paper.
If you want to save it online, use an encrypted and secure cloud.
Use a secure cloud
You should always use an encrypted cloud storage to save your important files.
Encryption technology is scrambling the data you transmit between your device and our servers. This is a highly recommended step for safeguarding your privacy.
While keeping your fun presentations and trivia games on Google Drive is perfectly fine, work documents and reserved papers should be kept elsewhere.
When using a real, security-focused, cloud, the host of the service can’t see your data.
For example, Sync allows for complete end-to-end encryption, which means not even their team can access your files.
That’s why hacking their system won’t get hackers access to your data. They’d need to hack your account specifically.
This secures your files way better than a general cloud service like Google Drive or Dropbox - both unsafe services to store sensitive data.
Other secure cloud storage solutions:
If you own an Apple devices, such as iPhone or iMac, Apple already has some features in place for iCloud to ensure end-to-end encryption for sensitive information.
Those are in no way comparable to the security offering of the solutions mentioned above, but it’s better than nothing.
Use email aliases or temporary emails instead of your real address
Email accounts can make for easy targets. If you’re worried about your email getting hacked, you should consider not having your personal email address attached to it. Use an email alias, or a temporary/throwaway email address.
This might look hard and time-intensive, but it’s literally a single click. It’s actually faster than typing your real email address (depending on your typing speed!).
A service like SimpleLogin can create an email alias for you in less than a second, and you’ll find it next to every email input you find online.
Email aliases can be used to protect your privacy online, save money on business email addresses, and to reply with them.
However, sometimes you just want to subscribe to something, never consider it again and download a free resource.
If that’s the case, instead of using an alias, you can simply create a throwaway email address.
Here are some solutions for that:
Temporary emails are great ways to safeguard your identity online, but please remember those won’t be actual, usable email addresses.
They’re meant to be used and thrown away after a few minutes.
Use a VPN
Virtual private networks, or VPNs, mask your Internet protocol (IP) address to keep you from being connected to your computer or device’s true location.
Connecting to a VPN also protects your data from leaks, hackers, network monitoring, and authorities who try to track you or access private data.
By using a VPN, you can get your internet connection delivered through encrypted connections, which keep your information private and secure.
Also, additional perks of using a VPN include being able to enjoy the full Netflix catalog, watch anime from Japan and other cool add-ons not related to privacy.
VPNs can be extremely cheap, and in some cases they’re free.
You can get a free VPN by using the Brave Browser on Mobile
When on desktop, you can use the Opera Browser, which includes a VPN with four locations completely free of charge. Proton VPN offers a free tier as well.
Please do NOT use free VPNs from unverified sources. Those can be even more dangerous than not using a VPN in the first place.
The ones mentioned in this blog article are reliable and coming from authorities in the space.
If you’ll need more regions or are ready to go premium, here are a few options worth considering:
- Proton VPN
- SurfShark (great family plans)
- ExpressVPN (industry-leader)
- Mozilla VPN
- Namecheap VPN (cheapest)
Mask your credit card
We’re in the era of e-commerce, and most of us don’t even remember our card’s PIN when buying items in a physical shop.
This means hundreds of small stores may be holding your credit card information, and a bad player could access your information there and steal your money.
Luckily, most bank accounts nowadays in the UK, US and big players in Europe are starting to provide throwaway or “aliases” card.
In practice, they allow you to create a different card for each service you subscribe for. It’s basically what SimpleLogin does with emails, but for credit cards.
You will then be easily able to switch the cards on and off to safeguard your main, real card.
In countries where this is not a service offered by banks, you can consider:
They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety - Benjamin Franklin
Enable Two-Factor Authentication
Along with a password manager, two-factor authentication offers another layer of protection. It creates a shorter and stronger passcode that a user must enter in addition to their password in order to gain access to a service.
The passcode is usually generated on another device, which means a bad actor can’t log in your account even if they find your password.
Two-Factor Authentication, also referred as 2FA, is a must for all your applications where private data is stored.
We suggest turning it on for everything you use online, at least for:
- Your social media accounts. Having someone else use your name and social profiles to spread misinformation, hate or embarrassing posts and pics is not something you want to experience;
- Your cloud storage. Remember, those are one of your most sensible assets;
- Your password manager;
- Your company logins;
- Your website logins
As mentioned, 2FA adds a security lawyer by requiring an extra code.
You’ll need an application to generate and store such code.
One of the most popular ones is Google Authenticator, but Google doesn’t have a good track record when it comes to privacy, and we discourage the use of it.
Here are the services we recommend instead:
Use PGP when sending important emails from your insecure client
Pretty Good Privacy (PGP) is a program to encrypt your emails, texts, files.
Emails on Gmail, Yahoo, Outlook and other popular email services are stored in clear text, and PGP can be a solution to keep your emails from being read & analyzed by these big techs.
In PGP, you have 2 keys: the private key that allows you to decrypt the emails and that you should never lose. The public key is public (hence the name) that allows anyone who wants to send you an email to encrypt the email. Only you can then read the encrypted email.
In practice, if someone wants to send you a secret message that only you can read, this person encrypts the message using your public key. - Simplelogin.io
In order to use PGP, you’ll need a service that supports it.
SimpleLogin adds PGP for all the emails sent and receives from your aliases, and it’s one of the most cost-effective solutions to encrypt information in emails.
Also, as the PGP is linked to your aliases, you can keep using your insecure email client (such as Gmail or Outlook) without compromising on your privacy. It’s a win-win.
However, if you do want to try a more privacy-focused and secure email provider, we suggest Proton Mail.
Lots of web professionals and cybersecurity enthusiasts are using Proton Mail daily, and their popularity is growing rapidly.
Their pricing can be hard to justify if you’re a small user, but it can be quite cheap if you’re a business.
Only browse sites with SSL certificates
This shouldn’t even be on the list in 2021, but sadly, some websites still don’t make use of secure HTTPS protocols through the use of SSL certificates.
An SSL certificate is a way to mark certain parts of a site as being secure. You can usually check for an SSL certificate in the URL address bar when you visit the site. Modern browsers will also warn you against browsing the website if they assume it’s not secure.
We suggest to completely avoid websites without an SSL certificate.
Nowadays, you can get one for free, it’s very little hassle and requires a few minutes of setup.
If a business or service provider is not willing to spend a few minutes to make sure your connection to their site is private, they don’t deserve your hard-earned money.
Turn off website trackers
Most websites make use of third-party cookies from popular providers such as Google or Facebook to track your behavior and serve you relevant ads.
Although the large majority of them do that for goodwill and won’t steal your data, the company behind the third-party trackers might (in the example, Google and Facebook).
This topic is controversial as the solution can’t simply be “turn off all ads”, because that would impact small content creators way more than the big tech companies those ad blockers are supposed to fight against.
If you want a fast and easy solution, try these ad-blockers:
However, if you want to sustain your favorite bloggers and YouTubers while keeping your browser pop-up and ad-free, you have several alternatives.
Blockchain and Crypto-rewards
We already mentioned the Brave Browser when talking about VPNs, but they actually have a huge ecosystem that blocks ads AND rewards creators.
What they do is give you the option to watch ads to get rewards. The rewards are in the form of a cryptocoin called BAT.
By simply browsing with Brave and watching a few ads (completely optional) every day, you can get 5-$10 every month.
Once you have the money, in BAT tokens, you can use them to support the creators you prefer.
This gives value to your time, rewards the creators that can’t benefit from you watching their ads anymore, and overall creates a better, healthier ecosystem for everyone.
New blockchain-based social networks like read.cash, hive.blog, odysee.com and publish0x.com are also switching to a creator-focused environment where people are rewarded with an internal coin rather than forcing everyone to watch spammy ads.
If you’re in the UK, there’s a new browser named Gener8ads that does the same thing and is supported by the “Dragons” of the famous UK-based show “Dragons' Den”.
Use alternative search engines
This last one might be a bit extreme for most people, and that’s totally fine. Google is indeed the best search engine out there - no doubt about it.
However, if you think about it, there are already countries where Google is not the in the lead.
Yandex is the most popular search engine in Russia, and Baidu is the one used in China.
20% of our website’s traffic comes from DuckDuckGo, a privacy-first search engine.
Ever notice ads constantly following you around? That’s in part because Google tracks your searches and hides trackers on millions of websites. By contrast, our private search engine doesn’t track your searches and our DuckDuckGo browser extension and mobile app block Google’s (and many other companies’) trackers across the Internet, helping to keep your browsing history more private, as it should be. And that’s just the beginning — by using DuckDuckGo you also escape the manipulation of the filter bubble and can use the Internet faster (after all that tracking code is disabled). - DuckDuckGo website.
If DuckDuckGo is not your thing, you can take a look at these alternatives:
Between the ones mentioned, Presearch is certainly the most interesting for someone that wants to get their feet wet when it comes to cryptocurrencies.
Get rewarded to search
Presearch rewards your searches with PRE tokens, which can already be traded in public exchanges and/or stacked to buy ads on the platform.
Presearch is following the same concept Brave is using for browsing the web: reward creators in a better, meaningful way.
By using their search engine and earning tokens, you can then invest your earnings inside the platform to generate traffic.
All of this is completely ethical and cookie-less, which means the privacy of everyone involved is safeguarded while a profit is still made on all ends.
Once you remove the need to create a profit for a greedy corporation, blockchain-based solutions can better distribute the wealth generated by the network.
In return, the network functions better and is overall more satisfied to use the tool.
We know, we know. It looks hard and time-consuming… but trust us, it’s not.
It would take you less than one hour to set all of this up. And if you limit your commitment to one or two items, even less.
The most important assets you should protect are your email and password, so make sure that if you do go ahead and follow this guide partially you:
- Use email aliases when subscribing to new online services
- Set up secure passwords with a manager
- Use 2FA wherever possible
These three simple steps will also show you going private is not that hard.
Actually, by using aliases with SimpleLogin and a password Manager like Bitwarden, you’ll be able to sign up to new websites way faster!
One click, and you have an email address, another clic, and you have a secure password. Then sign up and you’re in.
It’s actually faster than typing, and has the added benefit of giving you a kill switch for the alias and a secure, long, password.
Also, it removes the need to follow the annoying guidelines of websites, like “minimum 8 characters, at least one uppercase”, etc.
Trust us, from techies, this is easy and will actually be fun and enjoyable once you start.
Let us know if you use any of these services and, if you do, make sure to mention us on Twitter, so we can join the discussion!
If you found this article useful, feel free to follow our Substack Newsletter where we share our articles and industry-related updates and tools. No spam - guaranteed.