9
by goddess_of_ice
Okay, here’s what I do:
I use BitWarden as a password manager. It also offers a built-in generator with the level of password complexity you seek. It’s secure, and it’s free. There is a phone app as well as a desktop app, and they can be synced across platforms.
Every single password I have is unique to that specific login. This way, if there is a data breach, it is largely limited to that one account. As programs have gotten “smarter,” some password-cracking rigs can go through over 100 trillion guesses per second. So the more lengthy and complicated the password, the better. This is why a password manager is helpful. Also, don’t share passwords. Just don’t. If you really want to split a streaming service with someone else, make sure that password is secure and change it at least once a year.
I set up passkeys whenever possible. It is much harder for hackers to bypass biometrics and authenticators (I use Aegis because I try to avoid Google apps, but there are others out there as well). 2-factor authentication is better than not, but it is getting easier for hackers to mirror phone numbers and have the 2FA codes sent to them through “your” number.
I fill out as little information when forming an account as possible, and don’t use my legal name unless it is absolutely necessary. Most of the time, it’s not. Amazon isn’t going to object that your name isn’t really Rip Van Winkle and will happily take your money.
I use a dummy email account to sign up for mailing lists (named something cheeky to entertain myself), and have them auto-forwarded to my real email account. This way I don’t have to check multiple email addresses to read the emails I want to receive. Also, this way, if my sign-up address gets farmed out to other lists, it won’t clog up my spam folder or further jeopardize my online security.
I use a secure email service as my primary email account. So, no Gmail, no Yahoo, no Hotmail. You want end-to-end and zero-access encryption. There are several acceptable options out there, many free up to a certain storage amount, which is perfect for most people.
I use Google as little as possible. All Google-based apps that I can’t delete are disabled on my phone. Mozilla, Brave, and DuckDuckGo are my web browsers of choice. I have found alternatives to Google Chrome, Google Drive, Google Docs, Google Calendar, Google Maps, Google Home, Google Chromecast, Google Authenticator, Google Translate, etc. They have similar formats so there is no learning adjustment curve. The “deGoogle” subreddit is a good resource for this and more, depending on how close to Witness Protection Program-level secure you want to get. Most people can’t avoid Google entirely (I have to use it for work), but reducing your Google footprint is recommended, since they don’t give a shit about selling your data to anyone and everyone.
I use CleanTube to watch videos on YouTube ad-free and tracking-free. DuckDuckGo also has a DuckPlayer, which is a way to watch YouTube videos without the algorithm tracking everything you watch. I stopped making YouTube playlists and instead bookmark the URLs in my browser and save them in folders… essentially making my own largely algorithm-free playlists.
I use NordVPN on my desktop and my phone. I knew Google was a problem when it wouldn’t let me cast to my TV with the VPN on (even though it was pinging to another USA location). For a long time I just used a browser extension VPN, but that really didn’t cut it. I had to stop being a cheapskate and fork over a few dollars for actual protection. It’s cheaper than what it costs to have my identity stolen. NordVPN had a great Black Friday deal last year, and I ended up getting a year’s subscription for 85% off.
I know I sound paranoid when I write this. It was easier to stick my head in the sand and pretend no one was going to try to hack into my stuff, then complain about how the world is going to hell in a handbasket and whatnot. And it’s certainly easier to be proactive than to work backwards... It was horrifying to me to search for my legal name on a web browser and have dozens of web sites pop up that list my full name, residence, and phone number. Even if I have nothing to hide, I don’t need it to be so easy for any Joe Schmo to find where I live. I actually paid for a service to scrub that information from the web, submitted individual complaints to Google for each site sharing my personal info to have them taken down, and used it all as a massive learning opportunity to stop being complacent. Yes, it’s a lot of drudge work initially, and yes, it sucks. But once it’s established, it’s largely hands-off. And your info is no longer low-hanging fruit.