Digital Hygiene: Keep Your Dirty Laundry Off the Line

A practical guide to digital privacy. Not for paranoids, but for anyone who'd rather keep their business their own. Passwords, 2FA, social media, and more.

6 min read By FTRCRP

Digital Hygiene: Keep Your Dirty Laundry Off the Line

You close your curtains at night. You don’t leave your mail open on the porch. You’d never hang your diary on the clothesline for the neighbours to read while they’re out having a smoke.

So why do so many of us do exactly that with our digital lives?

This isn’t a guide for spies or criminals. It’s for normal people who’d simply prefer that strangers don’t have front-row seats to their private life. Not hackers, not data brokers, not that weird guy from IT.

Think of it as closing your digital curtains.

Your Passwords Are Your House Keys

Imagine using the same key for your house, your car, your office, and your gym locker. Now imagine that key is “password123” and you’ve given copies to 200 different companies, some of which leave them lying around.

That’s what password reuse looks like.

Get a Password Manager

A password manager is a secure vault that remembers your passwords so you don’t have to. You remember one master password; it handles the rest.

We recommend Bitwarden. It’s free, open source, and works on everything.

How to start:

  1. Install Bitwarden on your phone and browser
  2. Create one strong master password (a sentence works well: my-cat-hates-mondays-42)
  3. Every time you log into a site, save it to Bitwarden
  4. Let Bitwarden generate random passwords for new accounts

Within a month, you’ll wonder how you ever lived without it.

Check If You’ve Already Been Exposed

Your email and passwords have probably leaked in a data breach. It happens to everyone.

Go to Have I Been Pwned and enter your email. If you’re in a breach (you probably are), change those passwords. Especially if you reused them.

Two Locks Are Better Than One

A password is something you know. Two-factor authentication (2FA) adds something you have, usually your phone. Even if someone gets your password, they can’t get in without that second factor.

It’s like needing both a key and a code to open your front door.

What to Use

Best: A hardware key like YubiKey. Plug it in, tap it, done. Phishing-proof.

Good: An authenticator app like Ente Auth or Aegis. Free, secure, works offline.

Avoid if possible: SMS codes. Attackers can hijack your phone number more easily than you’d think.

Where to Enable It

At minimum, turn on 2FA for:

  • Your email (this is the master key to everything else)
  • Your bank
  • Social media accounts
  • Anything with payment info

Most sites have it buried in Settings → Security. Take 20 minutes and do them all.

Don’t Lose Your Backup Codes

When you set up 2FA, most sites give you emergency backup codes. Store these in your password manager. If you lose your phone, these are your only way back in.

Social Media: Your Digital Front Yard

Social media is a stage. Everything you post, every photo, every check-in. It is all visible to someone. The question is: who?

Audit Your Privacy Settings

Every platform buries the privacy controls. Go find them.

The basics:

  • Who can see your posts? (Friends only, not Public)
  • Who can see your friends list? (Only you)
  • Who can tag you? (Review tags before they appear)
  • Is your profile visible to search engines? (Probably shouldn’t be)

Spend 15 minutes on each platform. Facebook, Instagram, LinkedIn, TikTok. They all have these settings hidden somewhere.

Think Before You Post

Before sharing, ask yourself:

  • Would I be comfortable if my boss saw this?
  • My parents?
  • A stranger?
  • Someone I haven’t met yet who might judge me in 10 years?

The internet has a long memory. Screenshots are forever.

Your Data Belongs to You

Under GDPR (if you’re in Europe), you can:

  • Download everything a company has on you
  • Delete your account and data
  • Opt out of certain data collection

Most platforms have a “Download Your Data” option in settings. Use it. You might be surprised what they’ve collected.

Your Phone Knows Everything

Your phone is the most intimate device you own. It knows where you go, who you talk to, what you search for at 2 AM. Treat it accordingly.

Lock It Properly

  • Use a 6-digit PIN minimum (longer is better)
  • Enable fingerprint or Face ID
  • Set auto-lock to 1-2 minutes

If you lose your phone unlocked, you’ve lost everything.

Check App Permissions

Apps ask for permissions they don’t need. That flashlight app doesn’t need access to your contacts.

Go through your apps and revoke anything suspicious:

  • iPhone: Settings → Privacy & Security
  • Android: Settings → Apps → Permissions

Camera, microphone, location, contacts. If an app doesn’t need it, turn it off.

Keep It Updated

Those update notifications are not just annoying. They patch security holes that hackers know about.

Enable automatic updates. Install them promptly. This applies to your computer too.

Public WiFi Is a Public Space

The WiFi at the coffee shop is convenient. It’s also shared with every stranger in the building, plus whoever set it up.

Assume You’re Being Watched

On public WiFi:

  • Don’t log into banking or sensitive accounts
  • Don’t enter passwords on sites that aren’t HTTPS (look for the padlock)
  • Consider using a VPN for an extra layer

VPNs: Useful, Not Magic

A VPN encrypts your connection and hides what you’re doing from the local network. It’s useful on public WiFi and can hide your browsing from your ISP.

But a VPN doesn’t make you anonymous. Your VPN provider can see what your ISP used to see. Choose one you trust.

Trustworthy options: Mullvad, IVPN, ProtonVPN.

Avoid: Free VPNs. If you’re not paying, your data is the product.

Email and Messaging: Choose Your Conversations

Not all communication is created equal. Some is like a postcard, readable by anyone who handles it. Some is like a sealed letter.

Use Signal for Private Conversations

Signal is the gold standard for private messaging. End-to-end encrypted, open source, trusted by journalists and security experts worldwide.

For conversations that matter, use Signal. Personal, financial, or just none of anyone’s business.

Email Is Not Private

Email was designed in the 1970s. It’s more like a postcard than a sealed envelope. Your provider can read it. Law enforcement can request it. Hackers target it.

For sensitive matters, use Signal or another encrypted messenger. For everyday email, at least use a provider that respects your privacy: ProtonMail, Tutanota, or Mailbox.org.

Watch for Phishing

Most hacks start with a convincing email. Before clicking any link:

  • Check the actual sender address (hover over it)
  • Ask yourself: Did I expect this?
  • When in doubt, go to the website directly. Do not click the link

If something feels off, trust your gut.

The Neighbour Test

Here’s a simple rule of thumb: Before you share something online, post something publicly, or skip a security step, ask yourself:

Would I be comfortable if my nosiest neighbour knew this?

If the answer is no, take a moment. Close the curtain. Lock the door.

Your digital life deserves the same basic privacy as your physical one. You don’t need to be a tech expert or a paranoid recluse. You just need to treat your online world the way you treat your home.

Keep your dirty laundry off the line.

Quick Start Checklist

This week:

  • Install a password manager (Bitwarden)
  • Turn on 2FA for your email
  • Check haveibeenpwned.com for your email

This month:

  • Audit social media privacy settings
  • Review app permissions on your phone
  • Update all your devices

Ongoing:

  • Use unique passwords for new accounts
  • Think before you post
  • Keep software updated
  • Use Signal for sensitive conversations

You don’t need to do everything at once. Start with one thing. Build from there.

Questions? Contact us.