How to Secure Your Online Data and Privacy

In light of recent reports that one of PLDT’s Twitter accounts was hacked and of several individuals, mostly from University of the Philippines, reporting fake social media accounts under their name, it’s time to up your privacy game.

Here are some tips on how to avoid compromising your online data and privacy:

  1. Always enable two-factor authentication. Use an authentication app instead of SMS. explains how and why you should use it
  2. Take password security seriously. Never re-use passwords between different accounts. In case one gets compromised, your other accounts will remain secured and protected. 
  3. Protect yourself from phishing attacks. Don’t click that link from unknown senders. Always double-check the email sender address.
  4. Protect your devices. Always enable password/passcode and encryption. 
  5. Avoid sharing too much information on social media. Do not post the following information:
    • Names of family members (especially your mother’s maiden name)
    • Your date of birth
    • Where you were born
    • Where you went to college
    • Names of pets
    • Old or current addresses
    • Details about daily routines
  6. Use a password manager like 1Password or LastPass to manage all of your various login credentials for you. They can also generate ultra-secure passwords for all your different accounts. You just have to remember one master password.
  7. Protect your password resets: your email. Always select “require personal information to reset password” in Account Settings, and ensure your “secret questions” are strong ones. Another alternative: put a ridiculous answer. Make something up. Something that only makes sense to you. 
  8. Regularly check your account activity and delete third-party account connections. Log out of all sessions but the current one, and revoke account authorizations for any devices and apps you don’t recognize or don’t use anymore.
  9. Check to see if your data or login credentials were leaked in recent data breaches.

For those who want to take it up a notch:

  1. Change your passwords regularly, all of them. You can use password managers for this.
  2. And use a secret email address (one that doesn’t really relate to your name) solely for logging into your social media accounts.
  3. If all else fails, DELETE YOUR SOCIAL MEDIA ACCOUNTS. If your social media network does not deactivate fake accounts you report, then it is no longer safe for you to stay there.

For those who want to report fake accounts:

  1. How to Report a Fake Facebook Account
  2. How to Report a Twitter Account for Impersonation
  3. How to Report an Impersonation Account on Instagram
  4. How to Report Fake Accounts to the Philippines’ National Privacy Commission

Learn more about privacy and security on DuckDuckGo‘s blog, Citizen Lab’s Security Planner, and Electronic Frontier Foundation’s Surveillance Self-Defense guides.

About the Author:

Kenneth Dimalibot is the Engagement Editor of He is a strategist, storyteller and humanitarian. Previously, he was the audience engagement and analytics lead at the Geneva-based The New Humanitarian, an independent non-profit news organisation reporting on humanitarian crises around the world, after several years working with Save the Children and the Red Cross in media, communication, and marketing roles.

From Manila, Kenneth has lived and worked in Southeast Asia, Europe, the Middle East, and North Africa.

Latest on

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.