The 15 Steps to Protect Your Digital Life

15 Steps Security Plan

Step 1: Set Up Password Manager

Set up a password manager on your phone and computer. Use it against a test environment to get used to the functionality. Practice here.

  • passwords.google.com
  • Apple Keychain
  • 1Password
  • LastPass

Step 2: Set Up Authenticator App

Set up an authenticator app in order to use multifactor authentication on sites:

  • Trendmicro Authy
  • Google Authenticator
  • Microsoft Authenticator
  • iOS integrated authentication code generator

Step 3: Freeze Your Credit

Freeze your credit with the three credit bureaus. Create accounts if you don't have them already.

Step 4: Export Passwords

Export your passwords from any existing password manager or browser so you have a consolidated list.

Step 5: Sort Sites by Priority

Sort your list of sites into the following categories:

  • Financial targets for hackers
  • Social targets for hackers
  • Information targets for hackers
  • Everything else

Step 6: Change Passwords & Add MFA

Change passwords and set up multifactor authentication on the high-priority sites listed in the categories above.

  • Use strong passwords suggested by your password manager.
  • Save passwords in the password manager.
  • Check for the ability to activate multi-factor authentication and set that up where possible.

Step 7: Keep a "Hard" List

Keep a list of these high-priority sites that you want to return to, were hard/difficult, or needed more investigation or time.

Step 8: Revisit the "Hard" List

Once you've completed the list of high priority targets, go back over it and check the sites on your "hard" list.

Step 9: Do Not Call Lists

Get your phone on national do not call lists to reduce unsolicited calls and scams.

Step 10: Opt Out of Mailers

Opt out of physical mailers and pre-approved credit card letters that could be intercepted.

Step 11: Data Broker Removal

Request personal information be taken down from data broker sites.

Step 12: Review Data Leaks

Review sites that post data leaks to see if your info has been compromised.

Step 13: Monitor Credit & Banking

Check your credit report and review bank account transactions frequently.

  • Look for unauthorized payments.
  • Call your bank to discuss any that you find.
  • Review them against maps, travel history, and subscriptions.
  • Charge back transactions you still can't place or recognize.
  • Stop as many recurring payments as possible.
  • Post how much you saved anonymously so we can celebrate together!

Step 14: Clean Up Apps

Remove unnecessary apps from your phone to reduce attack surfaces.

  • Never install or allow install of apps from untrusted locations. Only install from the official app store.
  • Review permissions for each app you install. Is this an essential app for you?
  • Is a game app asking for location, file, and picture access? This is bad. Don't install.

Step 15: Protect Your Children

Never let your child use your primary devices.

  • Uninstall kids apps from your personal phone.
  • A data breach is far more expensive than buying them cheap Wi-Fi phones and tablets.
  • Don't use your accounts on their devices.
  • Activate parental controls on their devices.

Additional Best Practices

Unsubscribe from Spam Emails

  • Find the unsubscribe button on email (usually at the bottom). Gmail puts unsubscribe at the top sometimes.
  • Block spam proactively.

Keep Attack Vectors in Mind

  • Heavily guard against giving information in phone calls, especially if they called you.
  • Never click links in emails even if they look legit. Go to the site, log in, and check for the same alert you got in the email.
  • Call customer service, colleagues, or businesses directly to confirm suspicious emails.
  • Don't post personal information on social media. IQ tests, love compatibility surveys, and "which TV show character am I?" are all bad.
  • Watch out for fake job postings asking for resumes, fake sweepstakes/prizes, and typo-squatting sites that look like legitimate sites.
  • Be wary of magazine subscriptions or other door-to-door sales people, or groups asking for money.
  • Watch out for people impersonating your loved ones asking for money:
    • Do you recognize the phone number? Are they saying it's an emergency?
    • Does it look like them, but still not seem right? Hang up and call the number you have saved in your phone.
    • Advise them to go to the hospital or police station for assistance.
    • Are they contacting you from social media? This is very bad and suspect.
    • Are they asking you to use CashApp, Venmo, PayPal, or something that isn't a bank account? This could be an indicator of fraud or scam.