For me it would be the following:

  1. Don’t reuse usernames/names
  2. Avoid using social media
  3. Use Tor/VPN when you can
  • Nik282000@lemmy.ca · 45 upvotes · 1 year ago

    For normies it’s easy:

    1. Password Manager
    2. Firefox
    3. Adblocker

    Those three will make up for 90% of people’s bad habits.

    • Schlemmy@lemmy.ml · 5 upvotes · 1 year ago

      Password manager is something I’ve been preaching but they seem to find it too much of a hassle. Set up YubiKeys for my MIL. Works like a charm.

    • dangblingus@lemmy.dbzer0.com · 2 upvotes, 1 downvote · 1 year ago

      How does a password manager improve online privacy? Aren’t you just centralizing all of your login credentials that could be hacked like a certain password manager was recently?

      • Zastyion345@lemmy.ml · 3 upvotes · 1 year ago

        Use a strong master password. Use 2FA / a passkey. Use a reputable, secure one like Bitwarden or, better, an offline one like KeePassXC.

        Password managers are great tools that, if used correctly, can be very good, but when you use them incorrectly it can go very wrong.

        The main thing that they solve is weak passwords, and passwords that are reused.

        • Nik282000@lemmy.ca · 2 upvotes · 1 year ago

          KeePass with my kdbx in a WebDAV share with basic auth is the tits. I can access and modify it remotely and it’s easy to detect and block any bots/users who are snooping and trying to access the WebDAV share. After 3 years of using this setup I’ve only had a dozen hits on that directory out of the hundreds of thousands of bot requests.
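
One way to do the detection described in the comment above, as an added example that is not part of the original post or the commenter's own setup: count rejected requests under the WebDAV path per client address and skip clients that later authenticate. It assumes a web server writing Combined Log Format; the `/dav/` prefix, the threshold, the file name and the log lines are all constructed for illustration.

```python
import re
from collections import defaultdict

# Combined Log Format: ip ident user [time] "request" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

DAV_PREFIX = "/dav/"   # hypothetical location of the WebDAV share
MAX_FAILURES = 3       # assumed threshold before an address is reported

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Mar/2024:04:11:02 +0000] "GET /dav/ HTTP/1.1" 401 188 "-" "scanner"
198.51.100.7 - admin [10/Mar/2024:04:11:03 +0000] "PROPFIND /dav/ HTTP/1.1" 401 188 "-" "scanner"
198.51.100.7 - root [10/Mar/2024:04:11:04 +0000] "GET /dav/vault.kdbx HTTP/1.1" 401 188 "-" "scanner"
203.0.113.20 - - [10/Mar/2024:08:30:00 +0000] "GET /dav/vault.kdbx HTTP/1.1" 401 188 "-" "KeePassXC"
203.0.113.20 - owner [10/Mar/2024:08:30:01 +0000] "GET /dav/vault.kdbx HTTP/1.1" 200 40960 "-" "KeePassXC"
192.0.2.55 - - [10/Mar/2024:09:00:00 +0000] "GET /wp-login.php HTTP/1.1" 404 150 "-" "bot"
"""


def suspicious_clients(log_text, prefix=DAV_PREFIX, max_failures=MAX_FAILURES):
    """Return {ip: rejected_count} for clients probing the share without ever authenticating."""
    failures = defaultdict(int)
    authenticated = set()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith(prefix):
            continue  # unparsable line, or a request outside the share
        status = int(m["status"])
        if status in (401, 403):
            failures[m["ip"]] += 1
        elif 200 <= status < 300 and m["user"] != "-":
            # A legitimate client often gets one 401 challenge before it
            # sends credentials, so a later success clears the address.
            authenticated.add(m["ip"])
    return {ip: n for ip, n in failures.items()
            if n >= max_failures and ip not in authenticated}


if __name__ == "__main__":
    for ip, n in suspicious_clients(SAMPLE_LOG).items():
        print(f"{ip}: {n} rejected requests under {DAV_PREFIX}")
```

The returned addresses are candidates for a deny list; generic bot requests to other paths are ignored, which matches the small number of hits on the share directory the comment reports.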

      • Nik282000@lemmy.ca · 1 upvote · 1 year ago

        For sure if you use a cloud provider, but there are self-hosted and totally offline solutions.

      • pixelscript@lemmy.ml · 1 upvote · 1 year ago

        Provided that your key store password can be made very strong, all the risks posed by having all your eggs in that one basket are, speaking from the perspective of an average computer-illiterate user like my mom, far outweighed by avoiding the inevitable alternative of one password (or a family of derivative passwords) used across all services.

        One extremely good lock is a step up from two dozen shitty ones if it’s a cascade failure either way.