Different randomized username on everything I sign up for. I do it so you can't google my username on one platform and find me on another. Each account also gets its own unique email address.
Same domain. Every email is just the username it's associated with @ the domain (Not gmail). The passwords are different between account and email (And no two accounts anywhere share passwords).
As of right now I have 19 already-created email accounts just waiting to eventually be associated with some account I'll make for some service in the future. Any time I get low I'll make a bunch more at once. I have almost 60 accounts across the internet using this system already. It does get a bit annoying when certain sites want to email me a login code every time I log in.
I personally pay the extra $1.50 for iCloud+ (due to the extra storage) and that comes with “hide my email” - which lets you generate an alias specific to the site you’re signing up on.
Then if I get sick of the site or I feel it’s getting spammy I just delete the alias
I recognise that security through obscurity isn't something you can rely on, so don't consider my own practices to be secrets and am willing to share them to help others.
I use strong unique passwords stored in a KeePass database, and MFA whenever it's available. I also have a VPN specifically so that I can use public Wifi when I have to (or wish to do something more private on the internet, such as downloading Linux ISOs).
I also have a vanity domain that redirects all mail to a central mailbox, so whenever I sign up for something I can easily use a unique address. This allows me to block specific addresses that produce spam and see where the spammers got that address.
That's actually a big one for me too. I have an extension running called "minimal consent" but it's deprecated and never managed the more complicated dialogues. I also disable personalised ads on every platform (often defaults to enabled)
It's sometimes annoying but all in all, I get the most random ads and i'm happy about it.
As a rule of thumb, if the cookie dialogue does that spinny "saving prefernces" loading screen for more than 10 seconds, the page probably wasn't worth my click anyway and I close it.
I'm ashamed to admit I do the same thing!! Both of those. Lol. If I'm putting out a bunch of boxes in the recycling I always worry people will think I've got valuables or something nice and target me. Also identity theft is no joke. It's annoying that credit card companies send so much semi-sensitive stuff via mail.
i live in huge building with like 15 other parties(?).
i just want my papertrail (pizzacartons, invoices, insurance-stuff, sextoy-packaging, ...) to drown in the "noise" ^^
Use Linux, uBlock, other Free Software. Change the operating system on my phone to LineageOS or GrapheneOS, get my Apps from F-Droid. Don't sign up everywhere with my real phone number and birthday.
(Regarding the original question: I'd say secure passwords and 2fa is more security than privacy?!)
I don't use any "pay" apps. I got a card from my bank, I just use that to pay. So i don't know. But the banking app that generates tan codes, shows the balance and so on works fine.
I prefer GrapheneOS for my main phone. It just works and has sane default settings. On other devices I prefer LineageOS for microG. And i can root Lineage which is handy for development.
Custom ROMs will always be broken with selective bank apps, period. Best to not root or flash a ROM if you want to live your life instead of tinkering like a teenager.
It's always a good advice to be on good terms with the surveillance officers. I do it too and sometimes they even look in the other direction when I did wrong ;-)
I use a Password manager and only have free software on main laptop computer. Fake emails, phone numbers, names wherever possible. Noscript in firefox based browsers. Self hosting services at home. For services I do not want my identity attached to shuf -n1 /usr/share/dict/words for usernames. I avoid all non-fediverse social media platforms with no free front end whenever possible. I use rss feeds and mpv for playing youtube videos. I use libredirect with free software frontends. I do not run proprietary software on my main laptop, I use a second laptop, a virtual machine or don't run the software (for example when I need to use zoom I might run it on a second laptop and use a capture card.). I seperate different online activities with different browsers with different firefox colorways to prevent confusion (for example Firefox ESR for normal personal browsing, Normal firefox for vpn browsing, Firefox Dev Edition for school and college).
My kid watches some specific things we've deemed okay on youtube but there's constant "you may also like" creep that he ends up finding, and it's always garbage, this might be the way to finally limit the content to the specific stuff we've agreed to.
I configured the newsboat rss reader for my youtube subscriptions, but you may want to configure another reader that allows you to download/watch videos. An alternative to @cow@lemmy.world's javascript code, you can go onto the homepage of a youtube channel, open up the page source and search for "rssurl". That will give you the rss feed for the channel.
A lot of readers can do this automatically. It really is nice to watch videos without any of the suggestions or ads. Also, if you use mpv to watch the videos, you can install a sponsorblock script that does away with the paid promotions in the video.
Yes, this bookmarklet javascript:(function () { var newLocation = function () { var url; Array.prototype.slice.call(document.getElementsByTagName('link')).forEach(function (element) { if (element.getAttribute('type') === 'application/rss+xml') { console.log('Found direct feed link'); url = element.getAttribute('href'); } }); if (!url) { Array.prototype.slice.call(document.getElementsByTagName('meta')).forEach(function (element) { if (element.getAttribute('itemprop') === 'channelId') { console.log('Found channel ID'); url = 'https://www.youtube.com/feeds/videos.xml?channel_id=' + element.getAttribute('content'); } }); } return url; }(); if (newLocation === undefined) { console.log('Could not find a channel RSS feed from ' + location.href); } else { location.href = newLocation; } })(); Will convert a youtube channel page to a rss feed. I watch the videos using photon and mpv but that is probably too advanced for your kid but a simpler app might work.
I use Bitwarden for pw manager and 2FA. I use that to create a random password for anything I sign up to.
I am fortunate enough to run my own mail server, so for every signup I don't trust, I make a new email address and only use it for that one thing.
You can do facetube+normalemail@someplace.con if you cannot run your own. This at least lets you know who is leaking your info.
I generally try to run as much FOSS as possible, I do dual boot Win/Linux because unfortunately we still have companies not providing for both OS.
And if I go out in the public, I wear a cricket box.
Randomised words for any website that asks for memorable info (mother's maiden name, first pet's name, etc) for security. Always gets a laugh from customer services.
Things I do what give me a percieved sense of privacy/ security:
use Firefox with Add-ons (Ublock origin, Idontcareaboutcookies, Istilldontcareaobutcookies, Consent Blocker)
browser set up to block third party cookies and to delete any cookies after closing
not allowing to store any credentials in the browser
using different passwords for different services (not one password for all)
using Two-Factor-Authentification on services which are connected with banking account
not using freemail providers for email
using a temporary email where possible if registration is required
encrypted hard drive and encrypted backups
do not use cloud storage (I rely on old school portable hard drives and thumb drives)
using an additional firewall to stop certain not-quite-legally-obtained programs from phoning home (these programs can't be replaced through FOSS at the moment, or are too ridiculously overpriced to buy them right now)
restrict/ forbid operating system to collect anonymous data and to phone home (as if that helps...)
don't do online banking with an android 8 device
The password storage thing sometimes seems to be a hassle. I have stored my passwords in a physical moleskin, written with a pen, like an old person would do. When I have that book not availiable (when travellling), I have to guess my credentials.
At work I have the browser stored all the credentials. It's so much faster and easier. But since it's at my job I don't have to worry about my own private stuff.