DEV Community

Ben Halpern
Ben Halpern

Posted on

What personal privacy/security measures do you take?

Top comments (36)

tribex profile image
Joshua Bemenderfer

I don't talk to anyone. Does that count? :P

paragoniescott profile image
Scott Arciszewski
  1. I keep my software up to date. If you do nothing else on this list, do that.
  2. I use Signal.
  3. For Windows before 10, I used to use EMET. It blocked a few Firefox crashes that were either non-reproducible bugs or active exploits over the years. :)
  4. For Linux, I use the grsecurity kernel patches. (I run Debian with the dotdeb repositories for PHP 7.)
  5. I do most of my casual Internet browsing with Tor Browser (via torbrowser-launcher) inside of a virtual machine. Once a site is trusted, I'll actually visit it in my host OS.
  6. I use password managers. Mostly LastPass (for casual use) and KeePass (for high-security use).
  7. I encrypt my hard drives (with a 64-character passphrase) and smartphones (with a passphrase, not a PIN).
onebree profile image

What do you store in Keepass that falls under high security use? Why not just use KP for everything?

ghost profile image
Ghost • Edited

Maybe he just prefers the UI of LastPass over KeePass, and is willing to compromise on some security for usability?

Thread Thread
paragoniescott profile image
Scott Arciszewski


udiudi profile image

One of the biggest measures is not exposing it online like that :)

ziaa profile image
Seyed Zia Azimi

To take it even one step further, Even I did not exposing anything should I write a comment for questions like this at all?!
Some sort of Privacy Paranoia! :D

bahlo profile image
Arne Bahlo
  • Password manager (1Password)
  • 2FA wherever possible
  • Disk encryption (FileVault)
  • Network filter (Little Snitch)
  • File access filter (Little Flocker)
  • Micro/Webcam access warning (Micro Snitch)
  • Persistent install warning (BlockBlock)
  • Being careful when installing software (Brew if available)
  • Block ads (uBlock/1Blocker)
henrebotha profile image
Henré Botha

I do almost nothing, and it's terrible. I should know better.

I've recently started using uBlock Origin. I used Adblock Plus before that, but that was to avoid seeing & loading ads, not to protect myself. Installing uBO was intended as a security & privacy measure.

oneearedmusic profile image
Erika Wiedemann

I've had to increase my laptop security on two different occasions two totally different ways - I'm looking forward to this thread to fill in some gaps.

~5 years ago someone got into and locked me out of several of my social media and email accounts by 1) me not logging myself out at the end of my session (on their computer), and b) successfully guessing my security questions. This was before MFA was near-standard, so I at least implemented my own version with notifications/email. I then set MFA up as soon as it was available. I've beefed up my security questions and use LastPass as a PW manager (that never remembers me). I also only use my own laptop, or another computer I strongly trust. I also have a backup email and phone contact number.

The second time my laptop was physically stolen from my apartment. Luckily I'm confident my password was strong enough, and there was very little data stored on the machine - everything was backed up and also stored in 'the cloud.' Since then I've moved out and encrypted my HDD. I hope to get a kensington lock soon to try and bolt down the machine if I have to leave it at home. The laptop webcam is also covered.

tscs37 profile image
Tim Schuster
  1. Keep up to date
  2. Don't do stupid
  3. Backups
  4. Backups
  5. Backups
  6. Backups
  7. Password Manager
  8. Using the Password Manager
  9. Catch-All Emails to detect and pinpoint leaks (I recommend using a suffix like "-ca" to filter out any spam from Catch-All, google is f.e. "")
  10. U2F
  11. In case 10 fails, 2FA using Google Auth or similar apps
  12. Don't use SMS or DIY-2FA (looking at you Steam)
  13. uMatrix for Malware Domains (not ads)
  14. ABP to block almost malicious ads (enabled acceptable ads because personal reasons)
  15. Backups
  16. Encrypting the important stuff (I don't see the usefulness of fulldisk encryption on anything but portable devices)
nyambol profile image
Michael Powe
  • Private VPN on all devices <------ !!! (I use PIA, but really: they're all so cheap, you're crazy not to use one.)
  • Password Safe for storing/generating passwords (Handy and works on all devices.)
  • Minimum password length 12 characters
  • Don't do business with or give PII to unverifiable sites. Seriously, know who you're doing business with!
  • Whole disk encryption on my linux box (and it is built in on my work laptop)
  • Periodically review list of devices connected to my network, and make sure I can identify who/what they are
  • For streaming accounts, periodically change password and/or kick off any registered devices that I can't identify
  • Set PIN's for online purchases when possible (e.g., Amazon)
  • Hushmail (I don't use this much, but I keep an active paid account just because I want to be able to send encrypted mail sometimes.)
  • Webcam unplugged when I'm not using it
  • My financial information and will, &c are on a hidden VeraCrypt volume. My wife has a poop sheet on how to find it and get into it. The volume itself is on a USB drive.
jakallergis profile image
John A. Kallergis

Whats a poop sheet?

sironfoot profile image
Dominic Pettifer
  • Don't install Flash (or any browser plugins), disable it if a browser comes with it preinstalled (Chrome)
  • Full disk encryption for all devices.
  • Password manager (1Password) with unique passwords for every service.
  • Use devices that have biometric login (e.g. Fingerprint) so people don't see you typing in your password, and it's not recorded by a security cameras (may sound silly but think this will become a new attack vector in the future).
  • Try to point computer screens away from windows (as in the glass kind, not the OS). All it takes is a competitor renting an office opposite yours, and armed with a high powered telescopic camera.
  • Use an AdBlocker.
  • Try to get all my software from official app stores (Mac App Store)
steveloughran profile image
Steve Loughran

Two tier network at home: DMZ for consumer stuff, "critical" for work. iPhone over android. Moving to yubikey for auth and code signing. Make sure that second-hand cars we buy don't come with adobe flash.

Still vulnerable to leakage of personal data from many sites, and wilful actions of installed phone apps like airline check in ones. Run 1+ of: Maven, apt-get or brew every single day on that critical development laptop

If I consider where I am most vulnerable, it is in that automated download and execution of developer tools and application libraries, To put it another way: the code I've written over the years runs on thousands of developer boxes every day. These people are relying not just on my competence, but my goodwill and the quality and detail of the peer review process in those OSS projects.


fezvrasta profile image
Federico Zivolo
  1. Update software regularly
  2. Use 2FA wherever possible
  3. Use complex passwords generated by 1Password
  4. I have an interactive firewall on my Macs (HandsOff!)
  5. All the security features of macOS enabled
_saul_ profile image

I got a aluminum baseball bat in my room, althought i think its for softball. Two-step verification and secondary email account and phone number. Linux (Debian) my main OS. Is it weird that i don't trust password managers? i mean, i rather memorize the passwords, even if there are a lot. I use AdBlock, but im guilty of whitelisting some of my favorite content creators.

ssmusoke profile image
Stephen Senkomago Musoke
  1. Use different passwords for each service

  2. Keep software up-to-date

  3. Only use a single card for online purchases, hidden behind Paypal

  4. Use Single Sign On (SSO) for a secondary social media account, rather than my primary email address

  5. Do not use public computers for access

  6. Encrypt hard drives

  7. Do not put anything online that I do not want there

  8. Notifications on accounts so that I know what is going on with my account at all times

  9. 2 factor authentication where possible

ennor profile image
Enno Rehling (恩諾)

All the normal stuff (password manager, encryption), plus I unsubscribe from every online service that gets pwned, or is otherwise using bad security practices (like, sends forgotten passwords over email). And yes, that means I can no longer have a Tumblr, LinkedIn, or Adobe account, but these are the breaks.

mathur_anurag profile image
Anurag Mathur 
  1. All software updated. Work windows laptop protected with AV/ Firewall/ Host IDS/Disk Encryption. Home MBP always updated with disk encryption.
  2. Always use HTTPS
  3. I use iPassword to manage and generate passwords.
  4. Always logout at the end of session from any website.