Digital Defense
Checklists
Authentication
Web Browsing
Email
Messaging
Social Media
Networks
Mobile Devices
Personal Computers
Smart Home
Personal Finance
Human Aspect
Physical Security
GitHub
Digital Defense
Home
GitHub
Checklists
Authentication
Web Browsing
Email
Messaging
Social Media
Networks
Mobile Devices
Personal Computers
Smart Home
Personal Finance
Human Aspect
Physical Security
Articles
Why security matters?
Security List: Short Version
Helpful Links
Security Gadgets
Privacy-Respecting Software
About
Contributing
License
Author
Contact
More Apps
Settings
About
Theme
Theme
Dark
Light
Night
Cupcake
Bumblebee
Corporate
Synthwave
Retro
Valentine
Halloween
Aqua
Lofi
Fantasy
Dracula
Data
Delete All
Close
Authentication
Use a Strong Password
Don't reuse Passwords
Use a Secure Password Manager
Avoid sharing passwords
Enable 2-Factor Authentication
Keep Backup Codes Safe
Sign up for Breach Alerts
Shield your Password/ PIN
Update Critical Passwords Periodically
Don’t save your password in browsers
Avoid logging in on someone else’s device
Avoid password hints
Never answer online security questions truthfully
Don’t use a 4-digit PIN
Avoid using SMS for 2FA
Avoid using your PM to Generate OTPs
Avoid Face Unlock
Watch out for Keyloggers
Consider a Hardware Token
Consider Offline Password Manager
Consider Unique Usernames
View Full Checklist ➜
Web Browsing
Block Ads
Ensure Website is Legitimate
Watch out for Browser Malware
Use a Privacy-Respecting Browser
Use a Private Search Engine
Remove Unnecessary Browser Addons
Keep Browser Up-to-date
Check for HTTPS
Use DNS-over-HTTPS
Multi-[Session](https://awesome-privacy.xyz/communication/encrypted-messaging/session) Containers
Use Incognito
Understand Your Browser Fingerprint
Manage Cookies
Block Third-Party Cookies
Block Third-Party Trackers
Beware of Redirects
Do Not Sign Into Your Browser
Disallow Prediction Services
Avoid G Translate for Webpages
Disable Web Notifications
Disable Automatic Downloads
Disallow Access to Sensors
Disallow Location
Disallow Camera/ Microphone access
Disable Browser Password Saves
Disable Browser Autofill
Protect from Exfil Attack
Deactivate ActiveX
Disable WebRTC
Spoof HTML5 Canvas Sig
Spoof User Agent
Disregard DNT
Prevent HSTS Tracking
Prevent Automatic Browser Connections
Enable 1st-Party Isolation
Strip Tracking Params from URLs
First Launch Security
Use The Tor Browser
Disable JavaScript
View Full Checklist ➜
Email
Have more than one email address
Keep Email Address Private
Keep your Account Secure
Disable Automatic Loading of Remote Content
Use Plaintext
Don’t connect third-party apps to your email account
Don't Share Sensitive Data via Email
Consider Switching to a Secure Mail Provider
Use Smart Key
Use Aliasing / Anonymous Forwarding
Subaddressing
Use a Custom Domain
Sync with a client for backup
Be Careful with Mail Signatures
Be Careful with Auto-Replies
Choose the Right Mail Protocol
Self-Hosting
Always use TLS Ports
DNS Availability
Prevent DDoS and Brute Force Attacks
Maintain IP Blacklist
View Full Checklist ➜
Messaging
Only Use Fully End-to-End Encrypted Messengers
Use only Open Source Messaging Platforms
Use a "Trustworthy" Messaging Platform
Check Security Settings
Ensure your Recipients Environment is Secure
Disable Cloud Services
Secure Group Chats
Create a Safe Environment for Communication
Agree on a Communication Plan
Strip Meta-Data from Media
Defang URLs
Verify your Recipient
Enable Ephemeral Messages
Avoid SMS
Watch out for Trackers
Consider Jurisdiction
Use an Anonymous Platform
Ensure Forward Secrecy is Supported
Consider a Decentralized Platform
View Full Checklist ➜
Social Media
Secure your Account
Check Privacy Settings
Think of All Interactions as Public
Think of All Interactions as Permanent
Don't Reveal too Much
Be Careful what you Upload
Don't Share Email or Phone Number
Don't Grant Unnecessary Permissions
Be Careful of 3rd-Party Integrations
Avoid Publishing Geo Data while still Onsite
Remove metadata before uploading media
Implement Image Cloaking
Consider Spoofing GPS in home vicinity
Consider False Information
Don’t have any social media accounts
View Full Checklist ➜
Networks
Use a VPN
Change your Router Password
Use WPA2, and a strong password
Keep router firmware up-to-date
Implement a Network-Wide VPN
Protect against DNS leaks
Use a secure VPN Protocol
Secure DNS
Avoid the free router from your ISP
Whitelist MAC Addresses
Change the Router’s Local IP Address
Don't Reveal Personal Info in SSID
Opt-Out Router Listings
Hide your SSID
Disable WPS
Disable UPnP
Use a Guest Network for Guests
Change your Router's Default IP
Kill unused processes and services on your router
Don't have Open Ports
Disable Unused Remote Access Protocols
Disable Cloud-Based Management
Manage Range Correctly
Route all traffic through [Tor](https://awesome-privacy.xyz/networking/mix-networks/tor)
Disable WiFi on all Devices
View Full Checklist ➜
Mobile Devices
Encrypt your Device
Turn off connectivity features that aren’t being used
Keep app count to a minimum
App Permissions
Only install Apps from official source
Be Careful of Phone Charging Threats
Set up a mobile carrier PIN
Opt-out of Caller ID Listings
Use Offline Maps
Opt-out of personalized ads
Erase after too many login attempts
Monitor Trackers
Use a Mobile Firewall
Reduce Background Activity
Sandbox Mobile Apps
Tor Traffic
Avoid Custom Virtual Keyboards
Restart Device Regularly
Avoid SMS
Keep your Number Private
Watch out for Stalkerware
Favor the Browser, over Dedicated App
Consider running a custom ROM (Android)
View Full Checklist ➜
Personal Computers
Keep your System up-to-date
Encrypt your Device
Backup Important Data
Be Careful Plugging USB Devices into your Computer
Activate Screen-Lock when Idle
Disable Cortana or Siri
Review your Installed Apps
Manage Permissions
Disallow Usage Data from being sent to the Cloud
Avoid Quick Unlock
Power Off Computer, instead of Standby
Don't link your PC with your Microsoft or Apple Account
Check which Sharing Services are Enabled
Don't use Root/Admin Account for Non-Admin Tasks
Block Webcam + Microphone
Use a Privacy Filter
Physically Secure Device
Don't Charge Devices from your PC
Randomize your hardware address on Wi-Fi
Use a Firewall
Protect Against Software Keyloggers
Check Keyboard Connection
Prevent Keystroke Injection Attacks
Don't use commercial "Free" Anti-Virus
Periodically check for Rootkits
BIOS Boot Password
Use a Security-Focused Operating System
Make Use of VMs
Compartmentalize
Disable Undesired Features (Windows)
Secure Boot
Secure SSH Access
Close Un-used Open Ports
Implement Mandatory Access Control
Use Canary Tokens
View Full Checklist ➜
Smart Home
Rename devices to not specify brand/model
Disable microphone and camera when not in use
Understand what data is collected, stored and transmitted
Set privacy settings, and opt out of sharing data with third parties
Don't link your smart home devices to your real identity
Keep firmware up-to-date
Protect your Network
Be wary of wearables
Don't connect your home's critical infrastructure to the Internet
Mitigate Alexa/ Google Home Risks
Monitor your home network closely
Deny Internet access where possible
Assess risks
View Full Checklist ➜
Personal Finance
Sign up for Fraud Alerts and Credit Monitoring
Apply a Credit Freeze
Use Virtual Cards
Use Cash for Local Transactions
Use Cryptocurrency for Online Transactions
Store Crypto Securely
Buy Crypto Anonymously
Tumble/ Mix Coins
Use an Alias Details for Online Shopping
Use alternate delivery address
View Full Checklist ➜
Human Aspect
Verify Recipients
Don't Trust Your Popup Notifications
Never Leave Device Unattended
Prevent Camfecting
Stay protected from shoulder surfers
Educate yourself about phishing attacks
Watch out for Stalkerware
Install Reputable Software from Trusted Sources
Store personal data securely
Obscure Personal Details from Documents
Do not assume a site is secure, just because it is `HTTPS`
Use Virtual Cards when paying online
Review application permissions
Opt-out of public lists
Never Provide Additional PII When Opting-Out
Opt-out of data sharing
Review and update social media privacy
Compartmentalize
WhoIs Privacy Guard
Use a forwarding address
Use anonymous payment methods
View Full Checklist ➜
Physical Security
Destroy Sensitive Documents
Opt-Out of Public Records
Watermark Documents
Don't Reveal Info on Inbound Calls
Stay Alert
Secure Perimeter
Physically Secure Devices
Keep Devices Out of Direct Sight
Protect your PIN
Check for Skimmers
Protect your Home Address
Use a PIN, Not Biometrics
Reduce exposure to CCTV
Anti-Facial Recognition Clothing
Reduce Night Vision Exposure
Protect your DNA
View Full Checklist ➜