Tools and practices for protecting your digital privacy
25 cards · security
Sign up to start studying this deck
| Front | Back |
|---|---|
| End-to-end encryption | Only endpoints can decrypt; intermediaries cannot Protects message content from providers and networks. Use apps that implement it by default. |
| Forward secrecy | Compromised keys can't decrypt past sessions Uses ephemeral keys so old traffic stays safe even if a long-term key leaks. |
| Password manager | Stores and generates unique, strong passwords Reduces reuse and weak choices; syncs securely across devices. |
| Unique passwords | Use a different password for every account Prevents a single breach from compromising other logins. |
| Passphrases | Long passphrases beat short complex strings Length is key; use several random words rather than forced complexity. |
| Multi-factor authentication | Add a second factor; cut account takeovers dramatically Prefer app-based codes or hardware keys over SMS when available. |
| Hardware security keys | Phishing-resistant authentication using FIDO/WebAuthn Keys bind logins to the site’s origin, stopping credential phishing. |
| SMS codes | Vulnerable to SIM swap and interception Choose authenticator apps or hardware keys whenever possible. |
| VPN | Encrypts traffic to its server; hides from local networks The VPN can still see destinations; it is not an anonymity tool. |
| Threat modeling | Identify assets, adversaries, and mitigations Plan defenses based on who might target you and what you need to protect. |
| Tor | Routes traffic through relays to hide your IP Onion routing separates identity from destination for stronger anonymity. |
| Tor exit node | Exit nodes can see plaintext without HTTPS Always use HTTPS to protect content beyond the Tor network. |
| Safety number verification | Verifying contacts prevents man-in-the-middle Compare verification codes in person or via a trusted channel. |
| Metadata | Information about communication, not its content Includes who, when, and where; often unencrypted and highly revealing. |
| Traffic analysis | Inference from communication patterns and timing Even with encryption, sizes and times can expose relationships. |
| Data minimization | Collect, use, and keep only what is necessary Reduces exposure in breaches and legal demands; a GDPR core principle. |
| Third-party cookies | Enable cross-site tracking by outside domains Blocking them limits profiling across different websites. |
| Browser fingerprinting | Identify you via unique browser and device traits Reduce entropy and use built-in anti-fingerprinting protections. |
| Private browsing | Clears local history; not hidden from sites or ISPs Good for shared devices; not an anonymity or VPN substitute. |
| HTTPS | Encrypts web traffic and authenticates the site Prevents eavesdropping and tampering between you and the website. |
| DNS encryption | DoH/DoT encrypt DNS queries to the resolver Hides lookups from local observers; your resolver still sees them. |
| Tracker blocking | Blocks ads and trackers that profile you Reduces cross-site tracking and can speed up page loads. |
| App permissions | Grant only necessary access to data and sensors Review and revoke unneeded permissions; limit background access. |
| Device encryption | Full-disk encryption protects data if lost or stolen Combine with a strong passcode and auto-lock for better protection. |
| Compartmentalization | Separate identities, devices, and profiles to limit linkage Use different emails, browser profiles, or VMs for distinct roles. |