For normies it's easy:

1. Password Manager
2. Firefox
3. Adblocker

Those three will make up for 90% of peoples bad habits.

Here's the ultimate tip for securing your private information.

1. Keep away from the Internet

1. Password manager such as Bitwarden, generate long strong passwords for everything.
   1a. Corpo SSO (By which I mean "log in with Google/Microsoft/Apple/Whatever") nothing.
2. Hardware keys, MFA on anything that doesn't support one.
3. Degoogle, de-megacorp.
4. Use Linux, stop the Stockholm syndrome that is Windows.

VPN shouldn't even be in the top 10. The benefits are dubious at best and the jury is still out on whether it makes you more of a target or if you can trust ANY provider meaningfully.

I think you are confusing privacy with anonymity.

Don't be afraid to lie when it doesn't matter. Unless it is for something official or that will impact the service, use the wrong DoB, enter the wrong name, etc... if it isn't going to need verification then there is no need to give valid data that can be stolen or misused at a later date.

1. Ditch Chromium.
2. Use a Password Manager instead of "log in with Google/Facebook/whatever"
3. Keep tabs on Mobile App permissions and revoke as many as you possibly can. I revoke location permissions from every single app except Navigation apps, which have to ask for location permissions. If possible, remove apps in favor of Native Alpha / Hermit web apps

I disagree with your #3 point. There is nothing stopping you from disclosing personally identifiable information through Tor or a VPN. They can help you with keeping private, but they don’t do anything if you don’t know how to use them for privacy.

The Tor browser resists fingerprinting, but a VPN doesn’t. A VPN only keeps your IP address private, and your IP address isn’t really that interesting to the big tracker companies.

I would say something more like Firefox’s container tabs is way more useful for privacy.

Got some disagreements here:

I'd say you can reuse names/user names but then you should seperate your internet personality from your reallife personality.

Choose the right social media (fedi verse stuff that doesn't spy on you)

Also tor is a bit much for most things. for staying private a vpn you can personally trust should be enough

But the tips you listed are great for staying anonymous

• Don’t use Brave.

Wow. Lemmy's user base has really pidgeon-holed itself in these comments. Just observing, not critcizing. Interesting to see. Privacy to most people here means privacy from big tech and government. Responses are also largely technology-focused solutions rather than personal practices.

I'm going to throw "Don't give out your personal information" into the ring to round things out.

don’t reuse usernames

but sentimental value ._.

I would put "Alwayse use uBlock origin, and decline any data consents" instead of the third point, and swap it with the 2nd

i think everyone’s threat model is different so the first step would be to decide what urs is and the lengths in which ur willing to go to protect ur data and privacy. for some people, there’s no need to go so far as to assume complete anonymity on the internet and that’s fine.

1. Don't say too much about yourself or post photos
2. Burn old accounts and make new ones periodically
3. Turn off features that notify people when you get online or what you're doing like Steam and messaging clients

1. Use a trustworthy VPN and encrypt your DNS lookups
2. Set up a Pihole for DNS filtering and ad server blocking/use UBO on FF
3. Don't associate your online usernames with your real name or any identifying information like your birthyear (so like, don't use Facebook)

1. Password manager
2. Adblocker
3. 2FA

Next steps are a Quick software audit: how do you check your email, what chat apps are you using, what browser are you using, etc.

Always keep things low-friction to stat out

https://bbbhltz.codeberg.page/blog/2022/03/low-friction-introduction-to-digital-privacy/

1: Use Linux

2: Mullvad browser (Firefox-based) - while I don't use it myself (I have my own customised Firefox in-keeping with my threat model) for an average "normie" user this seems to have the most sane defaults for privacy including uBlock Origin installed by default (and fingerprint resistance).

3: Keep your software updated (too overlooked by so many users).

It all depends on risk rewards. Everybody has a different case. I don't think generic advice is possible. Only what works for specific individuals. Yours sounds like is good advice for you.

Edit: there is no defense against a threat vector with unlimited resources.

Use an adblocker

Just some off the top of my head.

1. Don't use Google, Microsoft, or any other major company (or subsidiaries) for email.
2. Use a privacy-focused browser (aka not Chrome).
3. Don't sign up for every rewards program or app, they all harvest data.

1. Don't open email attachments from your family.

1. Don't let the phone use You.
2. Use a firewall with ads blocker. (Like InviZible Pro)
3. Make an Encrypt-first habit, be it for files, notes, contacts, or passwords.

• Common sense
• Don't store relevant or important data in your Mobile, disconnect GPS
• Use a VPN

But there are way more measures needed to patch the biggest privacy holes. Giving fake data is better than hiding data, ⚠Search engines, read TOS and PP, use ad and trackerblocker, extensions like JShelter or similar, check your browser in Browserleaks and adjust it corresponding to the results. don't use centralized chats or social networks, use front-ends as much as possible, don't share private photos, at least not without deleting EXIF data before, use Tuta.mail, Proton Mail or Nextcloud Mail (Murena), instead of Gmail or 🤢utlook, DON'T USE Imgur.......