Digital hygiene checklist

Passwords

• Password manager installed and used by default (Bitwarden, 1Password, or built-in browser).
• No password reused across sites.
• Long master password — 4+ random words.
• Recovery codes for the master password stored offline.

Two-factor authentication

• 2FA enabled on email, bank, password manager, social media, cloud storage.
• Hardware key or authenticator app preferred over SMS where possible.
• Backup codes stored offline.

Devices

• Phone and laptop full-disk encryption enabled.
• Auto-lock under 5 minutes.
• Recent OS update applied (within 30 days).
• Lost-device wipe configured (Find My / Find My Device).

Accounts

• Email auto-forwarding rules audited — nothing rogue forwarding mail elsewhere.
• Connected apps audited on Google / Apple / Microsoft / Meta — third-party access reduced to current essentials.
• Old accounts you don't use closed (or marked for closure).

Backups

• Phone backed up to an encrypted cloud, weekly.
• Laptop backed up to a separate device or encrypted cloud.
• Backup tested — can you actually restore from it?

Surveillance posture

• Smart-home / always-listening devices audited; ones you don't actively need turned off.
• Browser uses a tracker-blocker (uBlock Origin / Brave).
• Mobile location-sharing audited — who can see you, do they need to?
• Public-record / data-broker exposure checked once a year.

Annual review date.