Staying Safe Online

Lovingly written and submitted by Jay. Thank you, Jay!

The internet can be a scary place, and there's a lot that could go wrong. Unfortunately, many internet safety guides are incomplete at best and anxiety-inducing at worst. The intention here is to provide a semi-quick primer on internet safety, with links and ideas on how to get more in-depth if you so choose.

Personal Details: Do I need to be anonymous?

One important thing to remember about the internet — specifically social media spaces and public Discord servers — is you never really know who's looking at what you post. Privating your accounts and only allowing access to close friends is a simple way to avoid this, but what if you want to be a part of a bigger space or want to get your work (whether it be art, writing, an online store) out there? Not all of these points will apply equally to everybody, and it's important to keep your own use-cases in mind. But here's a rundown of information you should generally keep to yourself:

Full legal name/last name

It's important to keep these secret in the broader web, especially if you want to keep your personal and work lives separate! By knowing your legal name and/or last name, it's very possible people could find your relatives, school(s), place of work, and more depending on what online databases your information has found itself into.

If you have a really unique first name, it might be best to keep that private as well.


Obviously you don't want strangers appearing at your house, but as a rule of thumb you shouldn't post your general location online either; that means not saying the name of the place if you're going to a specific small business or local restaurant. Sometimes people post online if they're going to a big event, such as a concert or a convention. Think about waiting until after the event to advertise that you were there!

A lot of the time, photos you take on your phone will have location data embedded in them. This is called metadata; it's important to remove this before posting photos! A quick and easy way to do this just involves taking a screenshot of the photo you want to post, then posting the screenshot. If you want to go more in-depth, you can use Exifcleaner.

If you want to follow things like school-related pages on social media, it's a good idea to at least have a separate account for that sort of thing.

Generally, sharing your country or state is safe. Just be cautious, of course.

Age, primarily if you're a minor

This cannot exactly be used to track you, but it's important to avoid predators whenever possible. If you're a child/teenager, advertising that freely will often cause more predators to interact with you.

Personal issues, family drama/information, etc.

Not everyone has a good place to turn to when they need to vent, and that leads to many using social media as a way to cope. This is not inherently bad. If you are going to discuss things like personal mental health struggles, your triggers/traumas, or family issues, it's at least best to do this on a private account. Venting into the void likely won't help you in the long-term, and putting your most vulnerable moments out on the public web can (and sometimes will) be used against you.

Password Safety

This section was lovingly written and submitted by VM. Thank you, VM!

The websites you use that require sign-up keep track of your data with your account. Your login credentials, which are made up of both your username and your password, help websites verify your identity so that you can log in. If someone else can guess the password you use, they can access your account. Strong passwords are hard for others to guess, so they keep your info safe from online attackers.

Think of your password like a key for your mailbox. You should only give copies of your key to the people you trust the most (including yourself) with the letters in your mailbox. If someone gets a hold of your key, they can open your mailbox and read your letters. If you use the same key for different mailboxes, they can read your mail from multiple different mailboxes. Similarly, it's important to make sure that you don't share your login credentials so that you can maintain control over who gets to access your account data.

  • If you make your passwords yourself, make sure they are easy for you to remember but hard for others to guess.
    • Don't use common passwords like "password", "123456", or "555555". These are very easy to guess; for example, here are 200 of the most common passwords used in 2020.
    • Don't use single words as passwords like "fortune". These are easy to guess with enough computer power and time. Adding numbers to the end of a single word (like "cookie3") makes it only slightly harder to guess.
    • Don't use info that other people know about you in your password like names, dates, addresses, phone numbers, pets' names, or car models. If your friends can find it, so can possible attackers.
    • Make your password at least 16 characters long. Longer passwords with less special characters are usually harder to guess than shorter, more complicated passwords with more special characters.
    • Include different types of characters in your password like numbers, uppercase / lowercase letters, and special characters.
  • You can use tools to help you make secure passwords if you have trouble coming up with them.
  • Don't share your passwords with other people, especially not with strangers. Doing this removes your control over who gets to see and share your password.
    • Never share passwords through phone calls, emails, or text. For example, customer service agents shouldn't ask you for your password.
  • Never use the same password for two different accounts. Some websites you log into may have their login credentials leaked or published online through a data breach. This gives attackers clues for accessing your accounts on other websites.
  • Use tools to help keep track of passwords if you have trouble remembering them.
    • Password managers like your browser's integrated password manager, KeePassXC, and BitWarden can help you securely store passwords and synchronize them across devices. Most of them come with built-in password generators.
  • Use multi-factor authentication, also known as MFA or 2FA, to further protect your account. This lets the website send you a code to type in after entering your login credentials. This adds an extra layer of defense but makes logging in slower.
  • Set a reminder to regularly update passwords once every few months. This makes sure that the passwords you use won't stay relevant in the event of a data breach.

Talking to People Online

Not everybody on the internet is out to get you, obviously. But some people are, and it's important to be able to identify red flags and know what to do if somebody starts to make you uncomfortable. Coping with harassment and abuse is a bit out of the scope of this guide, but hopefully these tips can help you avoid some of it to begin with.

Don't feed the trolls

If somebody is harassing you or your friends, showing up in comment sections looking for a fight, or otherwise making insane, inflammatory statements and nobody knows who they are, they might be just trying to get a rise out of you. The best thing to do is block and move on; do not engage. You will not change anybody's worldview in a YouTube comment section, and by engaging with them (especially publicly) you've given them an opportunity to elaborate on their often hateful views and spread it to more onlookers. People who do this often crave attention; if you don't give it to them, they will normally stop, or at the very least move on to another target.

It can be very fun to mess with these people and call them out publicly, but it's important you try to fight that urge. Even if you find it funny, people scrolling past may be upset by the things the troll says, and putting yourself into a cycle of hatred and constantly talking to people who make you upset is not good for you.

Stay safe from malicious people

If you are a child/teenager, and an adult online is acting overly-friendly, calls you mature, wants to share personal life details, or otherwise treats you like the center of their world, be wary. This is often a red flag, and people who do this are often dangerous to you and your friends.

At any age, people talking about and asking for lots of personal details (real name/family life/trauma/age/location) shortly after meeting you is a red flag.

Block people if they make you feel uncomfortable or upset. You do not owe anyone an explanation for no longer talking to them, and this is especially so for folks you meet online. Trust your gut, and ask a trusted friend for input if you're unsure.

Avoid suspicious links and downloads

Don't click fishy links! Always check the full URL of links sent to you, especially by strangers. Make sure, for example, a Paypal link you recieve DOES go to — not '' or ''. You can use URLvoid to check a link if you're unsure about it. You never know what a scam website might be doing with your data or device!

Don't download/open fishy files! Always try to check with other real people (e.g. not from people in YouTube comment sections) if a program is legitimate or not. VirusTotal can help you if you already did download a file and are unsure if it's safe to open, but it's best not to download suspicious files to begin with.

Separation of Identity

The world is very connected now! Many schools, workplaces, and local event groups will have an online presence and may even require you to be a part of it. If you want to take part in these things as well as have your own online presence, it's a good idea to separate your identities.

Using different names

If you have interests you don't want real-life friends or family to know about, or you're closeted as queer and could be at risk if somebody found out, it's a good idea to use an alias online. If you have some accounts you want to share with people in real life and some that you don't, make sure you use different usernames/aliases with them, and don't link one to the other. Don't put your face on anything you'd be upset at somebody in real life potentially finding.


It's a good idea to have at least two emails; one for personal use, which does not use your legal name, so that you can give and recieve email from people online, and one for 'professional' use. The professional email should have your legal/full preferred name and should be something you'd be fine giving to an employer. actually offers free email, if you're in the market for a new one.


Adblockers are obvious, but there's other helpful programs you can download or use to keep yourself safe online.

Further Reading