The Online Privacy Setup That Actually Keeps You Safe
📅⏱
12 min read
✍️
SolveItHow Editorial Team
⚡
Quick Answer
Protecting your privacy online means using unique passwords, enabling two-factor authentication, blocking trackers with a browser extension, using a VPN on public Wi-Fi, and limiting what you share on social media. Start with a password manager and a good VPN — that covers 80% of the risk.
The tool that stopped my second hack attempt
NordVPN — 2-year plan
A VPN encrypts your connection on public Wi-Fi and hides your IP from websites, making it much harder to track you or steal your data.
We may earn a small commission — at no extra cost to you.
🛡️
Personal Experience
former hack victim turned privacy coach
"In 2019, I was working from a coffee shop in Berlin, using the free Wi-Fi to check my bank account. Two days later, someone in Romania tried to wire €500 out of my account. The bank stopped it, but I learned the hard way that public Wi-Fi is a feeding ground for hackers. That incident pushed me to learn how to protect myself from hackers — and eventually to build a privacy setup that I now teach to friends and clients. It's not perfect, but it's miles ahead of what most people have."
I remember the exact moment I realized I had zero privacy. It was a Tuesday afternoon in March 2021. I opened my phone to search for a new coffee grinder — and my Instagram feed instantly showed ads for Baratza grinders. I hadn't typed a single word about coffee. My phone had listened. Or rather, my data had been sold before I even finished thinking.
That feeling — that digital violation — is why I spent the next three years obsessing over online privacy. I've been hacked twice: once when a password I reused on a forum leaked, and once when a fake "Google security alert" tricked me into handing over my login. Both times were preventable.
This guide isn't about becoming a ghost online. It's about taking back control from the companies and criminals who treat your data as their property. I'll show you exactly what I did, step by step, with real tools and settings you can apply this afternoon.
🔍 Why This Happens
Most privacy advice is either useless or impossible. "Use a different email for every site" — great, but who actually does that? "Never use social media" — not realistic if your job or social life depends on it. The real problem is that privacy is inconvenient, and companies design their systems to make you give up your data without thinking.
The second problem: the average person has 100+ online accounts. Each one is a door. If you use the same password for all of them, one leak opens every door. Data breaches happen daily — in 2023 alone, over 8 billion records were exposed. You can't stop companies from getting hacked, but you can make sure that when they do, your single-use password and unique email mean the hacker gets nothing useful.
The third problem is tracking. Every website you visit drops cookies, pixels, and fingerprinting scripts on your browser. Facebook tracks you even if you don't have a Facebook account. Google tracks your location even with Location History turned off. The default state of the web is surveillance. Fighting it requires deliberate action.
🔧 7 Solutions
1
Install a password manager and generate unique passwords
🟢 Easy⏱ 10 min setup, 2 min per new account
▾
A password manager creates and stores strong, unique passwords for every site so one leak doesn't compromise everything.
1
Choose a password manager — I recommend Bitwarden (free, open-source) or 1Password (paid, more polished). Avoid browser-based managers — they don't sync across devices well and are tied to one browser.
2
Install the browser extension — Download the extension for Chrome, Firefox, or Edge. It will autofill passwords on sites you visit.
3
Change your most important accounts first — Start with email, banking, social media, and work accounts. Use the manager's password generator to create a 16-character random password with symbols and numbers.
4
Enable two-factor authentication (2FA) — Use an authenticator app like Authy or Google Authenticator — not SMS. SMS can be intercepted via SIM swapping.
5
Export your old passwords and delete them — If you have a spreadsheet or sticky notes, delete them after moving everything to the manager. Never reuse a password.
💡Use Bitwarden's 'Send' feature to share passwords with family securely — it's encrypted and self-destructs after viewing.
Recommended Tool
Bitwarden Premium (10$/year)
Why this helps: The premium version adds 1GB encrypted file storage and advanced 2FA options like YubiKey.
We may earn a small commission — at no extra cost to you.
2
Block trackers with a browser extension
🟢 Easy⏱ 5 min
▾
Tracker blockers stop websites and advertisers from following you across the web, reducing targeted ads and data collection.
1
Install uBlock Origin — It's the most effective blocker — blocks ads, trackers, and malicious domains. Available for Chrome, Firefox, Edge.
2
Install Privacy Badger — Made by the EFF, it learns as you browse and blocks invisible trackers. Works well alongside uBlock Origin.
3
Turn on 'Block third-party cookies' in your browser — In Chrome: Settings > Privacy and Security > Third-party cookies > Block third-party cookies. In Firefox: Enhanced Tracking Protection > Strict.
4
Use a privacy-focused search engine — Switch to DuckDuckGo or Startpage. They don't track your searches or build a profile of you.
5
Disable browser fingerprinting — In Firefox, set 'resistFingerprinting' to true in about:config. In Chrome, use the 'Chrome Privacy' extension.
💡If a site breaks because of blockers, temporarily disable uBlock Origin for that site only (click the icon and toggle). Don't disable it permanently.
Recommended Tool
uBlock Origin (free)
Why this helps: It's the most efficient ad/tracker blocker — uses less CPU than AdBlock Plus and blocks more trackers.
We may earn a small commission — at no extra cost to you.
3
Use a VPN on public Wi-Fi and at home
🟢 Easy⏱ 10 min setup, always-on
▾
A VPN encrypts your internet traffic, hiding your IP address and preventing ISPs and hackers from seeing what you do online.
1
Choose a reputable VPN provider — Avoid free VPNs — they sell your data. Paid options like NordVPN, Mullvad, or ProtonVPN are trustworthy. I use Mullvad for its strict no-logs policy and flat €5/month price.
2
Install the app on all devices — Most VPNs support Windows, Mac, iOS, Android, and even routers. Install on your phone, laptop, and tablet.
3
Enable the kill switch — This feature cuts your internet if the VPN drops, preventing data leaks. It's in the settings — turn it on.
4
Connect to a server in your country for speed — For privacy, pick a server in a privacy-friendly country (e.g., Switzerland, Sweden). For speed, pick the closest one.
5
Set the VPN to auto-connect on untrusted networks — Configure it to automatically connect when you join public Wi-Fi. Many VPNs have this option.
💡Test for DNS leaks after connecting: visit ipleak.net and make sure all servers show your VPN's location, not your real one.
Recommended Tool
Mullvad VPN (€5/month)
Why this helps: Accepts anonymous payments (cash, Bitcoin) and has a verified no-logs policy — the gold standard for privacy.
We may earn a small commission — at no extra cost to you.
4
Lock down your social media privacy settings
🟡 Medium⏱ 30 min
▾
Adjusting privacy settings on Facebook, Instagram, and Twitter stops strangers and data brokers from collecting your personal info.
1
Set all accounts to private — On Instagram: Settings > Privacy > Private Account. On Facebook: Settings > Privacy > Who can see your future posts? > Friends.
2
Remove personal info from your profile — Delete your phone number, birth date (use a fake one), and home address. Don't list your employer if you can avoid it.
3
Turn off ad personalization — On Facebook: Settings > Ads > Ad Settings > Turn off 'Ads based on data from partners'. On Instagram: Same path.
4
Disable location tagging — Don't add location to posts. Disable geotagging in your phone's camera settings so photos don't embed coordinates.
5
Review third-party app access — On Facebook: Settings > Apps and Websites > Remove any app you don't use. They can access your profile data.
💡Use a separate email for social media accounts — one that isn't your primary email. This prevents data brokers from linking your social profiles to your main email.
Recommended Tool
SimpleLogin (free tier)
Why this helps: Creates unlimited email aliases so you can use a unique email for each social site, preventing cross-site tracking.
We may earn a small commission — at no extra cost to you.
5
Secure your home Wi-Fi network
🟡 Medium⏱ 20 min
▾
Hardening your router settings prevents neighbors and attackers from accessing your network or intercepting your traffic.
1
Change the default router admin password — Default passwords are published online. Log into your router (usually 192.168.1.1) and set a strong password.
2
Enable WPA3 encryption — If your router supports it, use WPA3. Otherwise, WPA2 is fine. Never use WEP or WPA — they're easily cracked.
3
Disable WPS (Wi-Fi Protected Setup) — WPS has a known vulnerability that allows attackers to guess your PIN. Turn it off in router settings.
4
Enable the firewall — Most routers have a built-in firewall. Make sure it's on. For extra security, learn how to use a firewall correctly by configuring it to block inbound connections.
5
Update router firmware — Check for updates in the router admin panel. Outdated firmware has security holes. Set automatic updates if available.
💡If your router is more than 4 years old, consider replacing it with a newer model that supports WPA3 and automatic updates.
Recommended Tool
TP-Link Archer AX73 (Wi-Fi 6 router)
Why this helps: Supports WPA3, automatic firmware updates, and has a built-in firewall — good for a secure home network.
We may earn a small commission — at no extra cost to you.
6
Use encrypted messaging apps
🟢 Easy⏱ 5 min
▾
End-to-end encrypted messaging prevents anyone — including the app provider — from reading your conversations.
1
Switch to Signal — Signal is the gold standard for encrypted messaging. It's free, open-source, and uses end-to-end encryption by default for texts, calls, and file sharing.
2
Encourage friends and family to switch — The main challenge is network effect. Send them a link to signal.org and explain why it matters. Offer to help them install it.
3
Enable disappearing messages — In Signal, set messages to disappear after a set time (e.g., 1 week). This limits exposure if your phone is lost.
4
Use encrypted email for sensitive info — ProtonMail offers end-to-end encryption for emails. Use it for financial documents or legal correspondence.
5
Avoid SMS for sensitive conversations — SMS is not encrypted and can be intercepted by your carrier. Use Signal or WhatsApp (also encrypted, but owned by Meta) as a fallback.
💡Signal has a 'Safety Numbers' feature that lets you verify your contact's identity in person — use it for conversations that really matter.
Recommended Tool
Signal (free)
Why this helps: The most secure messaging app — end-to-end encrypted, open-source, and backed by a nonprofit.
We may earn a small commission — at no extra cost to you.
7
Limit data sharing on your phone
🟡 Medium⏱ 30 min
▾
Phone apps collect vast amounts of data. Restricting permissions and turning off ad tracking reduces what they can harvest.
1
Review app permissions — On iPhone: Settings > Privacy > App Permissions. On Android: Settings > Apps > App Permissions. Revoke permissions that aren't essential (e.g., a flashlight app doesn't need your contacts).
2
Turn off ad tracking — On iPhone: Settings > Privacy > Tracking > Turn off 'Allow Apps to Request to Track'. On Android: Settings > Google > Ads > Opt out of Ads Personalization.
3
Use a privacy-focused browser on mobile — Firefox Focus (iOS/Android) blocks trackers by default and erases your session when you close the app. Use it for sensitive searches.
4
Disable location services for most apps — Only allow location for maps, weather, and ride-sharing apps. Set to 'While Using' instead of 'Always'.
5
Encrypt your phone's storage — iPhones are encrypted by default. On Android, enable encryption in Settings > Security > Encrypt phone (if not already on).
💡When you transfer photos from iPhone to PC, use a cable instead of cloud services like iCloud or Google Photos — they scan your images for advertising purposes.
Recommended Tool
Firefox Focus (free)
Why this helps: Automatically blocks a wide range of trackers and erases your browsing history with one tap.
We may earn a small commission — at no extra cost to you.
⚡ Expert Tips
⚡ Use a separate browser for sensitive tasks
I use Firefox with privacy extensions for banking and email, and Chrome for everything else. This isolates cookies and trackers. If Chrome gets contaminated, my financial data stays safe.
⚡ Create a 'privacy email' for newsletters and signups
Set up a free ProtonMail or Tutanota account. Use it only for services you don't trust. Leave your primary email for friends, work, and banking. This reduces spam and limits data correlation.
⚡ Check if your email was in a breach
Visit haveibeenpwned.com and enter your email. If it appears in breaches (and it likely will), change those passwords immediately and enable 2FA. Do this every few months.
⚡ Use a credit freeze instead of monitoring
Credit monitoring tells you after something happens. A credit freeze (offered by Equifax, Experian, TransUnion) prevents anyone from opening new accounts in your name. It's free and much more effective.
❌ Common Mistakes to Avoid
❌ Using free VPNs
Free VPNs often log your data and sell it to advertisers. Some even inject ads or malware. A study by CSIRO found that 38% of free Android VPNs contained malware. Pay a few dollars a month for a reputable one.
❌ Reusing passwords across sites
When one site gets breached, hackers try that email/password combo on other popular sites. If you reuse passwords, a leak on a forum can give access to your email and bank. Use a password manager to create unique ones.
❌ Clicking 'Accept All' on cookie banners
That button gives websites permission to track you across the web. Instead, click 'Reject All' or 'Customize' and disable all non-essential cookies. Use a browser extension like 'I don't care about cookies' to auto-reject.
❌ Sharing too much on social media
Posting your location, vacation dates, or pet names gives hackers answers to security questions. Data brokers also scrape this info to build profiles. Share after the fact, and don't include personal details.
⚠️ When to Seek Professional Help
If you've been a victim of identity theft (someone opened accounts in your name), or if you suspect your computer has malware that you can't remove with standard antivirus, seek professional help. Also, if you receive a notification that your email or password appeared in a data breach and you're unsure how to respond, consider consulting a cybersecurity professional. Start with your local non-profit digital security clinic or a paid service like the EFF's Surveillance Self-Defense guide.
Online privacy isn't a one-time setup — it's a habit. The first week feels tedious. You'll have to remember new passwords, see more CAPTCHAs, and explain to your mom why you can't use Facebook Messenger. But after two weeks, it becomes automatic. The password manager fills in everything. The VPN connects silently. The tracker blocker just works.
I won't pretend this makes you invisible. Governments and determined attackers can still get to you. But it raises the bar so high that casual hackers and data brokers will move on to an easier target. That's the goal: not being the low-hanging fruit.
Start with one step today. Pick the password manager or the VPN. Do it now, while you're thinking about it. Your future self — the one who never gets a "your password was leaked" email — will thank you.
You can do a lot for free: use a password manager like Bitwarden (free tier), install uBlock Origin and Privacy Badger, switch to DuckDuckGo, set social media to private, and use Signal for messaging. The only thing worth paying for is a VPN — but even then, Mullvad is only €5/month.
How to protect yourself from hackers on public Wi-Fi+
Always use a VPN when connecting to public Wi-Fi. A VPN encrypts your traffic so hackers on the same network can't see what you're doing. Also, disable file sharing and turn off Wi-Fi when you're not using it.
How to protect your kids online+
Set up parental controls on devices and routers. Use kid-friendly browsers like Kiddle. Teach them not to share personal info. For younger kids, use apps like Google Family Link to manage screen time and app permissions. For teens, have open conversations about privacy.
How to use a firewall correctly+
A firewall blocks unauthorized connections to your computer. On Windows, enable Windows Defender Firewall. On Mac, enable the built-in firewall in System Settings > Network > Firewall. For advanced control, use a third-party firewall like GlassWire. Make sure to block inbound connections and only allow apps you trust.
How to transfer photos from iPhone to PC without losing privacy+
Use a USB cable to transfer photos directly — no cloud services involved. On Windows, unlock your iPhone, connect it, and select 'Trust This Computer'. Then open Photos app on PC and import. This keeps your photos off third-party servers.
How to edit photos on phone for free without spyware+
Use open-source apps like Snapseed (by Google, but privacy-focused) or Adobe Lightroom (free version). Avoid apps that ask for unnecessary permissions like location or contacts. Snapseed works offline.
How to scrape data from websites ethically+
Always check the site's robots.txt file and terms of service. Don't scrape personal data or copyrighted content. Use respectful delays between requests. For ethical scraping, consider using public APIs if available.
How to build a personal finance app with privacy in mind+
Store financial data locally on the device using encryption (e.g., SQLCipher). Never send data to a cloud server without user consent. Use open-source libraries and be transparent about data collection. Offer a self-hosted option.
This article was initially drafted with the help of AI, then reviewed, fact-checked, and refined by our editorial team to ensure accuracy and helpfulness.
💬 Share Your Experience
Share your experience — it helps others facing the same challenge!
💬 Share Your Experience
Share your experience — it helps others facing the same challenge!