10 steps for privacy and security on phones and networks

Strong passwords + password manager

Use long (≥14 characters) or 3–4 word passphrases. Unique passwords for each account. Store them in a trusted password manager and enable passkeys wherever they are offered.

Two-step verification (2FA/MFA)

Enable 2FA for email, social media, banking. More secure: authenticator app or hardware key (U2F/FIDO). Save recovery codes.

Avoid texting when you can.

Device protection: PIN, biometrics, SIM PIN
Set long/alphanumeric PIN and Face/Touch ID. Enable SIM PIN to prevent SIM-swap. Turn off screen quickly (auto-lock 30–60 sec). Encrypt device (usually default).

Automatic updates

Enable auto-updates for your system, apps, and browser. Remove apps you don't use (less "attack surface"). Also update your home router/modem.

App permissions under control

Review monthly permissions: location “Only while using”, not “Always”; photos with “Selected photos” when possible; microphone/camera only when needed; turn off “background refresh” for unnecessary apps. Turn off “ad personalization/ID” and “precise location” when not needed.

Backup and recovery

Enable encrypted backups (iCloud/Google) and perform a restore attempt. Enable “Find My (Device)” and “Remote wipe”. Write down the IMEI/serial number somewhere safe.

Secure networks: Wi-Fi, VPN, Bluetooth

Don't connect to public Wi-Fi without a trusted VPN. Disable "auto-join open networks". Keep Bluetooth/AirDrop/Nearby Share turned off when not in use. In browsers, enable "HTTPS-Only" and (if available) encrypted DNS.

Be careful with links, QR codes and installations.
Verify the sender, do not open suspicious attachments. Preview the link (long-press) before clicking. Do not scan unknown QR codes. Do not install APK/ipa outside of official stores; leave sideloading disabled.

Privacy in messages and social networks

Prefer end-to-end encrypted messaging (e.g. Signal/WhatsApp, with 2FA enabled). Turn off “link previews” when possible, delete photo metadata (location). On social media: see who can see your posts, turn off “last seen”/“active status”, don’t post real-time travel plans.

Account monitoring and financial alert

Enable notifications for new logins, monitor active sessions and third-party app access—remove those you don't use. Regularly check your email for data breaches and change affected passwords. Enable notifications for banking transactions.

15-minute mini-checklist (starts today):
Set a strong PIN + SIM PIN → Enable 2FA on email/banking/networks → Install a password manager and change the 3 most critical passwords → Turn on auto-updates → Review permissions for the 10 apps you use most often → Enable backups + Find My/Remote wipe → Turn off auto-join to public Wi-Fi and turn off Bluetooth when not in use.

Photo by Pixabay: https://www.pexels.com/photo/black-android-smartphone-on-top-of-white-book-39584/