Go stealth mode while surfing

Unless you’ve been living ‘off the grid’ – and we mean living off the land in a shack somewhere in the middle of nowhere like some kind of crazy hermit your entire life, it’s impossible to erase yourself from big data. Where everything is tracked logged analysed for all time. This handy guide will give you some pro tips on going incognito.

However there are now some services popping up that allow you to eliminate your web presence pretty much entirely. Then there is of course the need to go incognito from prying eyes of Google and Facebook who probably know you better than you know yourself.

Use a privacy-first web browser

You should use a web browser that protects you from tracking, fingerprinting, and unwanted advertisements.

Modern browsers have made it simple to transfer your bookmarks and preferences in order to reduce switching pains.

Review the privacy of your physical space

You should add a webcam cover on your laptop and desktop computers. A webcam cover provides peace of mind when entering and exiting video calls that you are only visible when you choose to be.

You should protect yourself from people shoulder-surfing when working in a public space, such as a cafe or on a plane. A privacy screen blocks side views outside a 60 degree viewing angle.

Use a VPN

A VPN, or virtual private network, is a useful tool to secure an internet connection. It guarantees that data you are sending and receiving is encrypted, preventing people from snooping on your traffic.

You should use a VPN provider that you trust to not harvest and re-sell your data. The best VPNs often charge a monthly subscription – this is a good thing because it means their business model is not reliant upon reselling your data to advertisers.

Change your search engine

You should use a search engine that protects you from tracking, fingerprinting, and unwanted advertisements. DuckDuckGo is a privacy-first search engine that does not store your search history, has strict location and personalisation permissions, and publishes regular content teaching people how to be safer on the web.


Review and remove metadata attached to photos you share

Geotagging is the process of adding geographical identification to media files (photos and videos, for example). Anyone who has access to these tagged media files (for example, on Instagram or Twitter) can read this data and learn where the photo was taken.

You should understand how location metadata is attached to your media and take steps to ensure you are not uploading sensitive information with your files.

Review your social media privacy settings

Over the years social media companies are able to gather staggering amounts of data about you, your interests, who you talk to, where you go, what you buy, and so much more.

If you‘re not ready to give up social media quite yet, you should take the time to review your security and privacy settings. Visualizing the amount of information that social media companies know about you may be enough to curb that unhealthy newsfeed obsession.

Use encrypted messaging apps when sharing sensitive information

When sharing sensitive information over chat, you should be using a secure, end-to-end encrypted messaging service. End-to-end encryption ensures that only you and your intended recipient are able to view messages. Your messages will appear scrambled (and will be nearly-impossible to unscramble) to anyone else, including app developers and ISPs.

Educate yourself about phishing attacks

Phishing is an attempt to obtain sensitive information (like an account password) by disguising as a trustworthy person or company. Phishing often occurs via email where a hacker will use social engineering to convince someone to click a link that goes to a fake login page. The fake login page then sends anything the victim types (including usernames and passwords) to the hacker.

In recent years phishing attacks have become increasingly sophisticated and hackers are learning to use data that people put on the web to create highly specific and targeted attacks.

Keep your devices up to date

Many of the most damaging hacks in recent history were only possible because someone failed to update software. While update notifications delivered by your smartphone, computer, and other internet-connected devices can be disruptive, applying those updates in a timely manner is the single-most effective action you can take to protect yourself from these types of attacks.

You should apply software updates to every device you own as soon as they are made available, and develop a habit of checking for updates on devices that do not notify you of available patches to ensure their security.

Encrypt your devices

If your phone or computer is ever stolen, a thief may try to read or export your personal data. If your device is unencrypted, hackers will have access to anything stored on that device, including photos, emails, documents, and contacts.

You should enable encryption on every phone and computer you use. Encrypting your devices makes it nearly impossible for a thief to read your data without having your encryption password.

Use two-factor authentication

Two-factor authentication (2FA) adds an extra layer of security on top of passwords. It ensures that someone logging into an account is who they say they are by requiring an extra piece of information besides the account password.

This extra information is usually either something you know, something you have, or something you are – for example, a biometric signal like FaceID.

You should not use your phone number as a two-factor method.

At minimum 2FA should be installed on accounts that can lock you out of other accounts: e.g. a Google account, email applications, an Apple ID, and financial accounts. For stronger security, ensure that 2FA is enabled on every service you use that supports it.

Create a strong device passcode

A four-digit passcode for your phone or other devices is no longer considered secure. You should use a 6+ digit passcode at the very minimum, and for extra security use a 6+ character passcode containing both numbers and letters. TouchID and FaceID should be turned off when traveling internationally.

You should enforce a strict lock policy on your devices. Always require a passcode and ensure that a device is not left unattended for more than a minute or two.

Use for DNS resolution

DNS (Domain Name Servers) are the internet’s equivalent of a phone book. They translate a name like ‘google.com’ into an IP address. By default, DNS is slow and insecure. Many internet service providers track and log data that flows through DNS, in some cases reselling this data to advertisers.

Cloudflare has released a privacy and performance-focused DNS tool that protects your internet traffic from internet service providers and people snooping on public Wi-Fi networks. is faster than the average DNS service as well, making it faster to use the internet.