Conversations about life & privacy in the digital age

17 Top Tips for Protecting Your Privacy

Happy Data Privacy Day! Celebrated Jan. 28 every year, people are coming together across the globe to talk about the importance of privacy. Take a look at the conversation that’s been happening today on Twitter via the hashtag #DPD14 (or Facebook).

On Jan. 16 we asked our users – some of the best privacy experts in the world – to share their top privacy tips. We were overwhelmed by the response. Hundreds of tips poured in, and many of which them overlapped from multiple users.

We sifted through them & picked some of the top tips for protecting your privacy:

  1. Use Disconnect if not using Tor. – Daryl
  2. Use local full disk encryption everywhere, be it FileVault on the Mac, LUKS on Linux or Truecrypt/BitLocker on Windows. Especially true for Laptops. – Gordon
  3.  If you don’t like to give your email address to each service or message board you sign in, you can use services like or which give you a temporary and disposable email address.  -C (You can also use Gmail’s to track companies that sell your information, and don’t do any more business with them! – Gabriel)
  4. Use different passwords for different accounts and keep them in a password manager (LastPass, KeePass). For example, I use the cross-platform Password Gorilla (same encrypted database on a shared drive read by both Linux and Windows). Of course, backup  the password database file on SpiderOak. – Dusk
  5. Make full use of your password manager, have it generate long, random, unique passwords for all sites. Make sure the password protecting your password manager is very long. As in over 20 uppercase, lowercase, numbers, and symbols. has a good example of how to achieve such requirements in a sane manner (but DO NOT use the phrase “correct horse battery staple” as I’m sure that’s in a hacker’s common password list). Linux users check out the command `apg` and it’s “-a0″ mode to get pronounceable (for english speakers) random words. – Todd
  6. Never type important login information on a public computer. It may have a kernel-mode keylogger installed and you have no way to reliably check for its presence. If you can’t avoid doing it, remember to logout and when you get back home change the password you used. – D
  7. Beware of free wi-fi hotspots, remember to verify that the wi-fi network name is from a legitimate service. Avoid unsecured wi-fi networks. Use a Virtual Private Network (VPN), when possible, which helps you to route your activity through a separate private network, more secure, while you’re on a public one. – B **Note: see our two recent posts: VPN, privacy and anonymity, and Guest Post: Can you trust a VPN to protect your privacy?
  8. Never disable your security software when playing games. Search for a “game mode” in your security software; you won’t be interrupted in the middle of a game, but you’ll be protected. – B
  9. Never leave your devices unsupervised. When you leave them, lock them and make sure the password you have set is strong. – Christian
  10. Third-party cookies suck. Turn them off in Chrome under Settings > Privacy > Content Settings > Block third party cookies and site data.
    On Firefox that is Preferences > Privacy > History > Use custom settings for history > Accept Third Party Cookies > Never (or from visited if you want to let sites you’ve been to save cookies on other sites. Tell sites you don’t want them to track you on Chrome: Settings > Privacy > Send a ‘Do Not Track’ request with your browsing traffic; Firefox: Preferences > Privacy > Tracking > Tell sites I do not want to be tracked. – Conor
  11. Use DNSCrypt and the DNS Servers at OpenDNS to secure your DNS traffic from eavesdropping. Use HTTPS Everywhere from the EFF to ensure your traffic with major websites is encrypted where possible.- John
  12. Use SSH keys & disable password authentication. Use GPG to encrypt emails. And use RedPhone app to encrypt phone calls. – Toby
  13. Adblock Plus is awesome and allows you to block Social Media Buttons and has special privacy filters to help keep your footprints clean! – C
  14. Stay informed. Treat security news as important. For example, Ars Technica has a dedicated security column Be aware of alternatives to the software (including webapps) you use and how easy it might be to migrate if neccesssary. See for a privacy/security focus. See for general options (where I found out about SpiderOak!). This is also relevant if you run a website, see for tips on avoiding silos. - David
  15. Treat the answers to security questions like passwords. If “Buddy” is a bad password (and it is), then using “Buddy” as the answer to a website’s security question of “What is the name of your first pet?” is also insecure. Use strong passwords AND strong answers to security questions. Courtesy of Facebook and other Internet sources, it is often easy to find the maiden name of someone’s mother. Never use your mother’s real maiden name as the answer to “What is your mother’s maiden name?” – A
  16. Use a Google Voice number that forwards to your cell phone for Craigslist anything. - Avaah
  17. If you’re not paying for the service, your privacy could be the payment. – T

Bonus: Probably the most important privacy technique I use today: Follow this blog. Not only does it give you updates on SpiderOak, but they occasionally recommend other software and companies like they did here: A List of Privacy-Focused Companies, Tools & Technologies. - Bryan

A huge thanks to all of you for your support, time and kind words you gave when writing in!

Want more tips? Check out all the tips submitted via blog comments over the past few weeks.

Is your data secure? Enjoy 28% off our completely private backup, sync and share. Discount runs until the end of January.

Are you a privacy pro?  Answer these 10 questions and to see how good you are at protecting your online privacy: (created by SpiderOak +

Learn more about Data Privacy Day.

We will share more of your tips in the coming weeks. Do you have anything to add? 

Privacy is something to be shared. Please pass it on!

Data Privacy Day Discount – Protect Your Data with 28% Off

Data Privacy Day SpiderOak 2014 discount promotionTomorrow, Tues. Jan 28 is Data Privacy Day.

This month we are raising awareness about the importance of protecting your data by joining the efforts of the National Cyber Security Alliance (NCSA) and hundreds of other organizations around the world. Read more about Data Privacy Day.

So help us celebrate! Enjoy 28% off all yearly plans for private backup, sync and share. This offer ends Friday Jan. 31 at 12 a.m. CST.

Already a user? Upgrading is easy:

  1. Login to your account.
  2. Go to Account tab at the top right.
  3. Select Upgrade Plan on the left under your name.
  4. Enter DataPrivacyDay in the promotional code field and select Update. When you see ‘Promo code DataPrivacyDay’ confirmed, select your plan size under Yearly Billing and click next. Congrats – you have 28% off!

New user? Welcome! Here’s what you do:

  1. Get started now and create your account.
  2. Download and install the client.
  3. Click  ‘Buy More Space’ in the client itself, or via the web portal (which you can only login to once you’ve downloaded the client). In the web portal, you will go to Account, and then choose Upgrade My Plan.
  4. Enter DataPrivacyDay in the promotional code field and select Upgrade.  Choose which plan you want under Yearly Billing. Congrats – you have 28% off!

Remember, store your data encrypted, and don’t give away the keys. What better way to secure your data than with this Data Privacy Day discount?

If you missed it, learn what you can expect from SpiderOak in 2014.

Happy DPD!

Privacy is something to be shared. Please pass it on.

“GB for Life for a TIP You Recite”: Share Your Privacy Tips, Earn Free GBs

**Thanks for submitting your tips! This promotion is now closed as of Sunday Jan. 26. Get 28% off yearly plans until the end of Jan.**

No one is better at protecting their online privacy than SpiderOak users. Our users are some of the best privacy experts in the world. They are extremely intentional about what they do – or don’t do – online, with their data and personal information.

So as Data Privacy Day (DPD) approaches on Tues. Jan. 28, we want to collect some of your key privacy tips and give you free GBs to show our thanks. Then we will share the Top Privacy Tips submitted here on the blog on DPD to help others protect their privacy online.


Submit your top privacy tip(s) via:

  • A comment on this post
  • Email campaigns[at]spideroak[dot]com
  • Facebook
  • Twitter

Be sure to include your username so we can give you a GB!

New user? Quickly sign up for a free account (which automatically gives you 2 Free GBs for life) then submit your tip and new username and we will give you the additional GBs in this promotion.

Details: This giveaway closes Sunday Jan. 26 (12 pm CST). A maximum of 3GBs can be earned per person. You are welcome to submit more than three privacy tips, but 3GBs is as much as you can earn. Please do not share your tips in more than more place (i.e. via email, comment, and Facebook). GBs will be added to your account by the end of January, thanks for your patience!

But wait, there’s more!

We helped put together this quick and easy way to test your privacy IQ. Answer these 10 questions and see how good you are at protecting your online privacy:

How’d you do?


Thanks for sharing your top privacy tips! Learn more about Data Privacy Day.

Secure & private storage API on the horizon?

We wanted to share our announcement that just hit the wire today:

2013: The Year of Privacy

SpiderOak Bringing Privacy to the Cloud Through Open Source ‘Zero-Knowledge’ Application Framework

SAN FRANCISCO, CA–(Marketwire – Jan 28, 2013)– SpiderOak, the ‘zero-knowledge’ privacy cloud technologies provider, revealed today that the company will release an open source ‘zero-knowledge’ application framework (ZKAF) to push privacy further into the web than previously possible. The official launch will come at the RSA Conference in San Francisco and will further signify the evolution from Internet security to cloud privacy.

The ZKAF open source code will be made available on February 25. Additional details leading up to the announcement will be available at the SpiderOak website:

2013 – The Year Privacy was Found

As the cloud has gone mainstream, so too has the conversation around security. With more data being pushed to cloud servers throughout the world — the need to ensure the data is safe grows. Amidst this dialogue, the concept of ‘privacy’ has been drowned out as it was previously thought not possible to both preserve the privacy of data and also benefit from the advantages of the Internet. This is now all changing.

SpiderOak’s launch of its ZKAF will enable companies and/or developers to apply this framework on top of their application and enjoy all the benefits of ‘zero-knowledge’ privacy without having to understand the detailed specifics around cryptography and encryption. In practical terms, this means that any data generated by an application will never be readable on the server it is stored and, henceforth, remains private and in full control of the end user.

SpiderOak: Privacy Built Into the Technology

From the ground up, SpiderOak was designed with privacy at the core. The company’s industry-leading ‘zero-knowledge’ privacy standard protects user data by encrypting file backup, synchronization and storage throughout every stage. SpiderOak servers never store the plaintext version of a user’s encryption keys (or password). As a result, nobody can view any portion of a user’s content including filenames, file types, folder names, etc. Even the members of the SpiderOak staff with physical access to the servers can never view plaintext user information.

With SpiderOak Blue, the company brings the ‘zero-knowledge’ privacy environment to the enterprise. Through a virtual machine running behind a company’s firewall, SpiderOak Blue connects to LDAP / ActiveDirectory to provide consistent authentication procedures. IT departments have the flexibility and control to create and deploy specific end-device builds depending on the user — managing how and when individual files should be backed up and/or synced. A private cloud offering is also available such that the entire solution is contained behind the company’s firewall or within their server environments.

For more information on SpiderOak Private Cloud and other enterprise products, please visit:

Media Contact:
Ethan Parker, BOCA Communications: (415) 377-0978

It’s Data Privacy Day – Helpful Privacy Tips for You

Here are some of our tips for your privacy protection online. Please let else know what else would might add to the list?

  • Use different, strong passwords for each of your online accounts so if one is compromised the rest are safe. Strong passwords contains letters, numbers, different cases, and symbols.

  • Unused online accounts are a liability. Hackers could use them to infiltrate your more important accounts. Get rid of them.

  • You put a lot of information about yourself on social networks. Would you want that friend of a friend you met once, two years ago to be carrying around a copy of all that information? Probably not. Keep the people you know and trust. Delete the rest.

  • Still receiving bank statements and doctors’ invoices by mail? You don’t need your personal information floating around in your trash can on the curb outside. Call your bank, doctor, credit card company etc. to find out if you can go paperless and manage your records via a secure online portal. You’ll save a tree and protect your privacy. Perfect!

  • Update your web browser (Internet Explorer, Firefox, Safari etc.) regularly to ensure that it’s the most recent version so you can take full advantage of the included privacy features like ‘private browsing mode.’
    (Explorer offers phishing filters, private browsing mode and more; Firefox offers anti-malware, parental controls and more; Google Chrome offers incognito mode, a user privacy settings tab and more.)

  • Taking the time to read a privacy policy in part or in whole to understanding the data relationships that exist on the site will help you make informed decisions when using available privacy controls on a site.

  • Be wary of emails asking you to “update” or “confirm” your information. These are almost certainly phishing schemes aimed at obtaining your personal information.

  • It’s easy to spoof an email sender, so don’t download attachments that you’re not expecting, and don’t download executable attachments at all. If you get an email saying “Run the attached file”, DON’T.

  • You should also never download attachments from unrecognized senders, as they are likely to contain viruses or malicious software that can take over your computer and/or harvest your personal information.

  • Remember to sign out of an online service or account when you are finished with your session, especially if you are using a public or shared computer.

  • Don’t broadcast your location or absence on social media. For that matter, make sure you know where you privacy settings are on social media.

  • Check out some of our favorites for your online use: PrivacyFix (simplifies privacy for you); and search engine DuckDuckGo (does not track any of your personal information).

  • Password-protect your devices.

  • Check your privacy settings before sharing vacation photos.

  • Discuss privacy concerns with your children and other household members. Everyone should understand what you feel is and is not appropriate to reveal on the phone, using a computer, or other situations.

  • Check your credit report regularly.

Find even more tips at

IF YOU MISSED IT: 24 hours left for 28% off

Celebrate Data Privacy Day with us by nabbing 100GBs (an annual plan) at this great discount (details found in Friday’s post).

Thanks for elevating the privacy conversation and Zero-Knowledge privacy with us. We have a big announcement we will post later today.