← back

My Internet Security Setup

It's 2025, almost everything is online. We pay taxes online, do shopping, invest. We log in to our bank accounts with life savings in them. A single password leak can expose your entire digital identity so after reading yet another story about someone getting their crypto wallet or investment account completely drained, I decided to run a full audit of my own online security. The goal was to make sure I'm safe.

(TL;DR: you'll find a bulleted summary at the end)

Two-Factor Authentication (2FA)

First of all, I enabled 2-factor authentication on all important accounts. This is the foundation for building a secure online system.

I try to avoid text-based authentication because SIM swaps and spoofing attacks are becoming more common. In these attacks, scammers impersonate legitimate numbers, making fraudulent texts look real. To reduce this risk, I rely on an authenticator app instead.

My recommendation: Ente Auth. It's open source, end-to-end encrypted, allows you to log-in via the web browser and export all of your codes. It's also cross platform and has a fully encrypted cloud sync.

2. Password manager and strong passwords

A password manager is a must-have. It reduces the number of passwords you have to remember to just one master password. Everything else is stored safely in encrypted form.

I use Bitwarden, another open-source solution. Its free tier is more than enough for most users, and it supports all essential features.

3. Reducing reliance on passwords

Even with a password manager, I prefer to minimize password usage whenever possible. That's why I've started switching to passkeys.

Passkeys are based on cryptographic key pairs-the private key stays securely on your device, while the public key is stored with the service. Bitwarden supports passkeys, so using them is seamless.

4. Data breaches check

Next, I checked whether any of my email addresses had been exposed in data breaches using Have I Been Pwned.

If an email was found in a breach, I replaced it with a new one across all accounts connected to finances or sensitive data. This limits the risk of phishing attempts that mimic legitimate security alerts and trick you into giving away your credentials.

It's also important because we tend to have this one password we have wired in our brain since teenage years that we tend to use. Attackers often buy/get leaked data and try the combinations in other services. That's why generating unique and random passwords via the manager is also important.

5. iPhone security and Privacy Tips

A few quick tips for iPhone users:

Disable Control Centre access from the lock screen. This prevents thieves from activating Airplane Mode if your phone gets stolen, allowing you to keep tracking it.

Add biometric authentication to apps like Messages, Mail, and your authenticator. That way, even if someone gets temporary access to your unlocked phone, they can't authorize any sensitive actions.

Of course you can go further than that, but I believe that this setup is not too invasive and already provides solid protection in the internet. Regardless of your measures, always check incoming messages twice, do not click on any links which might come from untrusted source neither install any software that you're not sure of.

TL;DR - My Security Checklist

  • Enable 2FA (preferably app-based, not SMS).
  • Use a password manager like Bitwarden.
  • Use passkeys where possible.
  • Check your emails for data breaches with Have I Been Pwned.
  • Replace leaked or compromised emails.
  • Lock down your iPhone (disable Control Centre, add biometric app locks).
  • Stay alert to phishing and fake login prompts.
  • Do not reuse email - password combination.
mailgithublinkedin