Never, considering how shit ProtonVPN is on Linux

It was a successful attempt I got them to switch

Update: it worked

Use a 2fa authenticator app, Raivo if you are on iOS, Aegis if you are on Android. They both allow you to create backups of the tokens. And then also keep a safe backup of the recovery codes that are given to you after you complete the 2fa.

It’s better to be locked out of your password manager and just reset your password for all your accounts, than to have every single one of your accounts get hacked and possibly NEVER get them back.

I would heavily recommend that you don’t put all your eggs in the same basket ESPECIALLY when it comes to a password manager. If youre going to use Proton Pass, make a separare email for that.

To answer the next question, yes you do bother with 2FA ESPECIALLY for a password manager. I mean, you are literally storing like 30 or however many passwords, pretty much your entire digital life there. Do you think it is a good idea to have only one form of verification, one that can be easily cracked through a data breach, to hold all of your passwords? There is a reason why services like banks force you into 2FA when it comes to online banking. And you won’t have to worry about locking yourself out as long as you backup your 2FA tokens, and also keep a copy or two of the recovery codes, preferrably in an encrypted file container on a computer and a usb drive.

Next question: use long pass phrases. Something like: Fediverse-American-Samsung-Electric-Hydro-Synth, you get the point. It is easier to remember than a password.

Use email aliases as much as you can. Simplelogin and Anonaddy are the two best recommendations. The less your real email is visible, the chances of it being in a breach is lower.

As for your threat model, if you don’t want to get hacked, do pretty much as I said above. Don’t put all your eggs in the same basket, use a password manager with a strong passphrase and 2fa enabled. Enable 2fa for as many services as possible and make backups and keep the recovery codes safe. Use email aliases to mask your real email.

Optimal solution to everything isn’t it?

Nobody has questioned it yet. Here is the screenshot if you were curious:

I photoshopped the top menu and the bottom and also made the picture the same as my phones resolution so there is no room for doubt 😎.

Try out Minetest and download the Mineclone2 Mod through the game. It is quite literally a Minecraft clone that is free and open source, does not require any accounts, has tons of mods, and does not have any tracking or bloatware programmed into it.

I will find out in a few days if it will work. I am unfortunately in the US so most people just use SMS/iMessage but within my social circle most used Whatsapp. Hopefully they install Signal instead of just texting via SMS

I deleted Whatsapp but created a photoshopped screenshot of Whatsapp banning my account so that everybody around me thinks it is involuntary, going to try to get them to switch to Signal soon. Wish me luck

Pixels are the least bloated of Androids fortunately.

Commenting so I can hear the answers

I use it because it uses Mullvad’s servers but it also supports Mozilla. Have no complaints so far. Just use an alias email and pay with a virtual credit card or a visa gift card for maximum privacy. It’s got all the features that you need such as custom DNS, multihop, built in speed tester, malware and ad blocking (although does not work when you use a custom DNS).

If you are using a stock Android Pixel, it should have a ‘now playing’ feature. It is not privacy-friendly whatsoever, but then again, that’s just stock Android in general. If you are using a custom ROM, then I would suggest just keep using Shazam but use it in a work profile using Shelter, and make the microphone permissions to be “ask every time”.