- Move all your login credentials to a password manager. Do a security audit. Update any weak passwords, change any duplicate passwords. If you've saved any passwords in the browser, delete them (and maybe even change your passwords for those accounts for good measure).
- If you're using biometric login (fingerprints, voice unlock) for any important accounts (such as online bank accounts), don't.
- Use Keybase to authenticate yourself. They have really good setup instructions.
- You'll need to generate a key pair. You can have Keybase do this for you, but it's better to generate one yourself on your machine and upload the public key to Keybase. Anyone who wants to communicate securely with you can now use that public key!
- Set up 2-factor authentication for all your important accounts. I've done this for (so far) Google, Facebook, Twitter, DigitalOcean, and GitHub. It's best to use an authenticator app (like Authy or Google Authenticator) instead of SMS.
- Also download recovery codes for the accounts you care about most, for situations when you don't have access to your authenticator. Store these in a safe place like 1Password or a notebook that you hide from all of the world.
Some good extensions to use (Chrome/Firefox) are:
- Privacy Badger
- SetupVPN
- HTTPS Everywhere
- Signal: end-to-end encrypted (e2e) communication. WhatsApp is a less awesome, closed-source option.
- Keybase: for file sharing, communication, etc.
- GPG-sign your git commits.
- Set up SSH key authentication for any boxes you frequently sign in to, and disable SSH password login.
- Set up HTTPS for any website you administer.
- Consider using a security key (YubiKey) for your accounts.
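
For the SSH item above, one way to confirm that password login is really off, as an added example (not from the original post): `sshd -T` prints the server's effective configuration, and the hypothetical helper `check_sshd_effective` reads that output on stdin. The two sample inputs are constructed.

```shell
#!/bin/sh
# Added example: verify "SSH key in, password out" from the effective sshd config.
# check_sshd_effective is a hypothetical helper name, not part of OpenSSH.
# Input on stdin: output of `sshd -T` (one lowercase "keyword value" pair per line).
# Exit status 0 means key login is on and no password prompt is reachable.

check_sshd_effective() {
    awk '
        { seen[tolower($1)] = tolower($2) }
        END {
            bad = 0
            # Key login must work before passwords are turned off (avoid lockout).
            if (seen["pubkeyauthentication"] != "yes") {
                print "FAIL pubkeyauthentication=" seen["pubkeyauthentication"]; bad = 1
            }
            # Plain password login must be explicitly disabled.
            if (seen["passwordauthentication"] != "no") {
                print "FAIL passwordauthentication=" seen["passwordauthentication"]; bad = 1
            }
            # Keyboard-interactive can still ask for a password through PAM.
            # Older OpenSSH releases print it as challengeresponseauthentication.
            kbd = "unset"
            if ("kbdinteractiveauthentication" in seen)
                kbd = seen["kbdinteractiveauthentication"]
            else if ("challengeresponseauthentication" in seen)
                kbd = seen["challengeresponseauthentication"]
            if (kbd != "no") { print "FAIL keyboard-interactive=" kbd; bad = 1 }
            exit bad
        }'
}

# Constructed sample: keys enabled, every password path disabled.
sample_hardened() {
    printf '%s\n' 'pubkeyauthentication yes' 'passwordauthentication no' \
        'kbdinteractiveauthentication no'
}

# Constructed sample: keys enabled, but password login was never turned off.
sample_weak() {
    printf '%s\n' 'pubkeyauthentication yes' 'passwordauthentication yes' \
        'kbdinteractiveauthentication no'
}

# Demo on the constructed samples. On a real host: sudo sshd -T | check_sshd_effective
sample_hardened | check_sshd_effective && echo "hardened sample: OK"
sample_weak | check_sshd_effective || echo "weak sample: password login still possible"
```

Checking the output of `sshd -T` rather than grepping `sshd_config` catches settings that come from included files or compiled-in defaults.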