What habits do you have to protect your privacy?

Different randomized username on everything I sign up for. I do it so you can't google my username on one platform and find me on another. Each account also gets its own unique email address.

Same here, except on Lemmy because I have many alts on many instances
- Makes sense. I've been considering making an identical alt on beehaw, but I'm still holding out hope they'll refederate.
Is that a unique address at the same domain, or even the domains are unique?
- Same domain. Every email is just the username it's associated with @ the domain (Not gmail). The passwords are different between account and email (And no two accounts anywhere share passwords).
  
  As of right now I have 19 already-created email accounts just waiting to eventually be associated with some account I'll make for some service in the future. Any time I get low I'll make a bunch more at once. I have almost 60 accounts across the internet using this system already. It does get a bit annoying when certain sites want to email me a login code every time I log in.
- I personally pay the extra $1.50 for iCloud+ (due to the extra storage) and that comes with “hide my email” - which lets you generate an alias specific to the site you’re signing up on.
  
  Then if I get sick of the site or I feel it’s getting spammy I just delete the alias

Those are security guards, not privacy guards..

No privacy without security.
- Passwords and 2FA won't stop you from being tracked when web browsing or using apps on your phone
- Privacy is NOT a subset of security. Both are radically different functions.

I don't reveal my privacy secrets on Lemmy.

I recognise that security through obscurity isn't something you can rely on, so don't consider my own practices to be secrets and am willing to share them to help others.

I use strong unique passwords stored in a KeePass database, and MFA whenever it's available. I also have a VPN specifically so that I can use public Wifi when I have to (or wish to do something more private on the internet, such as downloading Linux ISOs).

I also have a vanity domain that redirects all mail to a central mailbox, so whenever I sign up for something I can easily use a unique address. This allows me to block specific addresses that produce spam and see where the spammers got that address.
- Fair enough! I was mostly joking. Those are some great tips.

Taking the time to refuse all the cookies, every time I visit a website.

Going through all of Google, Facebook and other services settings to disable every tracking possible, especially towards ads.

I can tell that ads are less and less relevant.

Taking the time to refuse all the cookies, every time I visit a website.

Might I suggest this then?
https://addons.mozilla.org/en-US/firefox/addon/cookie-autodelete/
That's actually a big one for me too. I have an extension running called "minimal consent" but it's deprecated and never managed the more complicated dialogues. I also disable personalised ads on every platform (often defaults to enabled)
It's sometimes annoying but all in all, I get the most random ads and i'm happy about it. As a rule of thumb, if the cookie dialogue does that spinny "saving prefernces" loading screen for more than 10 seconds, the page probably wasn't worth my click anyway and I close it.

I remove all address stickers from packages before recycling them and i shred all papers that contain my name or sensitive infos.

I'm ashamed to admit I do the same thing!! Both of those. Lol. If I'm putting out a bunch of boxes in the recycling I always worry people will think I've got valuables or something nice and target me. Also identity theft is no joke. It's annoying that credit card companies send so much semi-sensitive stuff via mail.
Why remove the address stickers? A person that has access to your garbage cans probably knows your address anyway
- Permanently Deleted
- i live in huge building with like 15 other parties(?). i just want my papertrail (pizzacartons, invoices, insurance-stuff, sextoy-packaging, ...) to drown in the "noise" ^^

Use Linux, uBlock, other Free Software. Change the operating system on my phone to LineageOS or GrapheneOS, get my Apps from F-Droid. Don't sign up everywhere with my real phone number and birthday.

(Regarding the original question: I'd say secure passwords and 2fa is more security than privacy?!)

LineageOS or GrapheneOS

Which one do you prefer and why? Has installing any of them caused banking or pay apps to stop working?
- I don't use any "pay" apps. I got a card from my bank, I just use that to pay. So i don't know. But the banking app that generates tan codes, shows the balance and so on works fine.
  
  I prefer GrapheneOS for my main phone. It just works and has sane default settings. On other devices I prefer LineageOS for microG. And i can root Lineage which is handy for development.
- Custom ROMs will always be broken with selective bank apps, period. Best to not root or flash a ROM if you want to live your life instead of tinkering like a teenager.

I never type the password of my computer in front of anyone or under any security cameras
I have a password manager
I spent lots of time reading about aliens so they know not to mess with me
I acknowledge my surveillance officers and have chats with them via my computer’s camera, so if I’m ever in a pickle they’re friendly with me

Any good alien information you can share?
- If I share it the aliens won’t respect me.
It's always a good advice to be on good terms with the surveillance officers. I do it too and sometimes they even look in the other direction when I did wrong ;-)

Private Synology NAS
GrapheneOS on my phone

Saying it out loud would be a security risk

I use a Password manager and only have free software on main laptop computer. Fake emails, phone numbers, names wherever possible. Noscript in firefox based browsers. Self hosting services at home. For services I do not want my identity attached to shuf -n1 /usr/share/dict/words for usernames. I avoid all non-fediverse social media platforms with no free front end whenever possible. I use rss feeds and mpv for playing youtube videos. I use libredirect with free software frontends. I do not run proprietary software on my main laptop, I use a second laptop, a virtual machine or don't run the software (for example when I need to use zoom I might run it on a second laptop and use a capture card.). I seperate different online activities with different browsers with different firefox colorways to prevent confusion (for example Firefox ESR for normal personal browsing, Normal firefox for vpn browsing, Firefox Dev Edition for school and college).

How many layers do you use in your tin foil hat?

Edit: /s
RRS feeds for youtube?

My kid watches some specific things we've deemed okay on youtube but there's constant "you may also like" creep that he ends up finding, and it's always garbage, this might be the way to finally limit the content to the specific stuff we've agreed to.
- I configured the newsboat rss reader for my youtube subscriptions, but you may want to configure another reader that allows you to download/watch videos. An alternative to @cow@lemmy.world's javascript code, you can go onto the homepage of a youtube channel, open up the page source and search for "rssurl". That will give you the rss feed for the channel.
  
  A lot of readers can do this automatically. It really is nice to watch videos without any of the suggestions or ads. Also, if you use mpv to watch the videos, you can install a sponsorblock script that does away with the paid promotions in the video.
- Yes, this bookmarklet javascript:(function () { var newLocation = function () { var url; Array.prototype.slice.call(document.getElementsByTagName('link')).forEach(function (element) { if (element.getAttribute('type') === 'application/rss+xml') { console.log('Found direct feed link'); url = element.getAttribute('href'); } }); if (!url) { Array.prototype.slice.call(document.getElementsByTagName('meta')).forEach(function (element) { if (element.getAttribute('itemprop') === 'channelId') { console.log('Found channel ID'); url = 'https://www.youtube.com/feeds/videos.xml?channel_id=' + element.getAttribute('content'); } }); } return url; }(); if (newLocation === undefined) { console.log('Could not find a channel RSS feed from ' + location.href); } else { location.href = newLocation; } })(); Will convert a youtube channel page to a rss feed. I watch the videos using photon and mpv but that is probably too advanced for your kid but a simpler app might work.

Protonmail for email
Simplelogin aliases for different services to mask my email address

Check out PrivacyGuides

At the end of the day, the winner for privacy is ... Decentralization Cuz no central server means:

Data only save in your own device
Anonymous, never link to your personal info
E2EE

Can you be more specific? Any software or tool recommendation?
- Session - A private messaging tool, could be an alternative for Whatsapp/Telegram https://getsession.org/blog/session-decentralised-network
  
  WireMin - A decentralized social network, so could be an alternative for Twitter/FB, but also can do DMs http://wiremin.org/#/blog/5
  
  Personall prefered WireMin, cuz I can share blog posts on Feed, and using it as a instant messanger as well.

I use Bitwarden for pw manager and 2FA. I use that to create a random password for anything I sign up to.

I am fortunate enough to run my own mail server, so for every signup I don't trust, I make a new email address and only use it for that one thing. You can do facetube+normalemail@someplace.con if you cannot run your own. This at least lets you know who is leaking your info.

I generally try to run as much FOSS as possible, I do dual boot Win/Linux because unfortunately we still have companies not providing for both OS.

And if I go out in the public, I wear a cricket box.

if I go out in the public, I wear a cricket box.

They said protect your privacy, not your privates.

Chameleon

iCloud private relay, to prevent anyone from scraping your browsing history. Plus stop the madness and AdGuard pro.

Yes, those two.

I host pretty much all my data on my private Synology box at home.

Randomised user names

Password manager

Randomised words for any website that asks for memorable info (mother's maiden name, first pet's name, etc) for security. Always gets a laugh from customer services.

False birth date.

Things I do what give me a percieved sense of privacy/ security:

use Firefox with Add-ons (Ublock origin, Idontcareaboutcookies, Istilldontcareaobutcookies, Consent Blocker)
browser set up to block third party cookies and to delete any cookies after closing
not allowing to store any credentials in the browser
using different passwords for different services (not one password for all)
using Two-Factor-Authentification on services which are connected with banking account
not using freemail providers for email
using a temporary email where possible if registration is required
encrypted hard drive and encrypted backups
do not use cloud storage (I rely on old school portable hard drives and thumb drives)
using an additional firewall to stop certain not-quite-legally-obtained programs from phoning home (these programs can't be replaced through FOSS at the moment, or are too ridiculously overpriced to buy them right now)
restrict/ forbid operating system to collect anonymous data and to phone home (as if that helps...)
don't do online banking with an android 8 device

The password storage thing sometimes seems to be a hassle. I have stored my passwords in a physical moleskin, written with a pen, like an old person would do. When I have that book not availiable (when travellling), I have to guess my credentials.

At work I have the browser stored all the credentials. It's so much faster and easier. But since it's at my job I don't have to worry about my own private stuff.