Millennierd logo

Go beyond average phone and cloud use

Being average is good enough. But it's better to rise above that. By following this guide, you rise above the rest and be even more worry-free about your online presence.

  • Ram Iyer
  • 9 min read
Go beyond average phone and cloud use
Photo by Harnoor Dhaliwal on Unsplash
Table of contents

An average life is usually good enough. This applies to your online presence as well. But the downside to this is, every exploitation is targeted on the average person, because this is the largest pool of victims. What’s more, not every exploitation is apparent.

But, since we have spoken so much about the different aspects of losing a phone, I thought, let me take the next step of helping you protect your information from exploitation as well, not just from theft.

In case you haven’t read the previous posts on this subject, they are here:

  1. Losing a phone is not about the phone
  2. A lost phone is not always really lost
  3. How to not lose your mind when you lose your phone
  4. Go beyond being an average phone and cloud user (this article)

Here are my recommendations for the tools to use. Now, normally, I would suggest using all private (as in privacy-respecting) services. But that costs money. Almost always. If you don’t want to pay, no problem—your money, your choice. You can go with the “free” services (like Google’s). But you should at least make an effort to secure your data from data thieves.

Instead of an expansion card

One option, of course, is the cloud. The other is an OTG thumb drive/pen drive. OTG stands for “on-the-go”, and refers to pen drives that have connectors compatible with phones. With the latest iPhones in the market, you no longer have to hunt down pen drives that have USB-A (the “standard” large USB port on your computer), USB-C (the more modern USB ports found on Androids and everywhere else except iPhones) and Lightning (those small ports on iPhones since iPhone 5 up to iPhone 14). You can now simply go for a USB-C pen drives and they will work across devices including phones. If your phone uses a micro-USB port, you get converter cables.

The biggest plus point with pen drives is, you can copy the data and leave the drive at home. This way, you not only have an expanded storage, you also have a backup. What’s more, these pen drives can be cloned, so, you can have multiple copies and place them in different locations.

Of course, always encrypt these, as these devices can be lost or stolen easily. Use the free-and-open-source tool, VeraCrypt for that. If you are unfamiliar with encryption, you should get a pen drive and just have a dummy folder in it with some dummy documents. Use VeraCrypt to encrypt the storage. Decrypt, open files and so on, and get comfortable using it. Then copy over the real content for encryption.

Instead of passwords you easily remember

If you only want a free service, you can use Android/Chrome’s password manager. If you are on the Apple ecosystem, you could use the Passwords app. These options are good enough, provided you are not concerned about privacy. Also, these are proprietary software, and therefore, their vulnerabilities may not be easily known.

I use Bitwarden. Proton Pass is another private option. Both these have decent free plans, but their paid plans aren’t exactly expensive. Bitwarden is a meagre $10/year subscription. That is about ₹900 per year; ₹75 a month. Proton Pass is a little expensive at €3 per month, which is why I am not suggesting that; I don’t see how Proton Pass is better than Bitwarden, unless you are part of the Proton ecosystem, in which case you are anyway not paying for Proton Pass separately.

In either of these, with the free plan, you don’t get integrated 2-factor authentication code generator, which is why, if you go with the free plan on these, use:

Instead of just a password

Google Authenticator and Microsoft’s Authenticator are two free options. They are owned by large corporations, and they come with their strings attached. If that does not bother you, use them.

On the privacy-forward list, one good option is Ente Auth. It is free as of writing this, but may start charging users later. When I first installed it to try it, I remember them saying I would be “grandfathered” in their ecosystem. (Which means I would not have to pay if/when they start charging for the service.)

With the Ente account, your 2FA keys sync across all devices. Make sure you have signed into Ente Auth using the Ente account on all these devices. The only drawback is, Ente Auth does not have browser extensions as of now, which means—at least for now—you always have to reach for your phone (or tablet or laptop/desktop) to enter your 2FA code, which is not great.

Here is a video that gives you the context and helps set up your 2FA app:

Bitwarden Authenticator is another option, though, it is very new as of writing this. The app, as of now, does not have a backup method built-in, and relies on iOS or Android backup instead. There may be other limitations as of now, but having known and used Bitwarden for a good part of the decade, I am confident they will develop this to be a great app.

Instead of plain vanilla cloud storage

Cryptomator is a fantastic tool that encrypts data on any cloud. This means, even if you place something on services like Google Drive, Cryptomator can encrypt this data so that Google cannot read it. Go check out this official video to know how to use it:

Try this with a dummy folder or something insignificant for a while, until you get comfortable using it. It’s very simple, but might take you a couple tries to get a hang of it.

Contacts storage

Store your contacts in Google Contacts or iCloud Contacts. For most people, these are absolutely fine. If you have sensitive contacts, and cannot—or don’t want to—use cloud, you can make a manual export of contacts and store them in vaults such as one created using Cryptomator. Contacts are not large files; they are merely text in a machine-friendly format. A few hundred contacts would probably take a few tens of kilobytes of space (a kilobyte—or KB—is one-millionth of a gigabyte—or GB).

Another option is Proton Contacts. But Proton doesn’t integrate with phone contacts in either smartphone platform as of writing this article. There are rumours about the feature coming in the future, where Proton acts as a contact provider on the phone like Google, Microsoft and Apple do. Otherwise, you could keep just your sensitive contacts in Proton Contacts and access them using the Proton Mail or Proton Calendar client, while you keep your regular contacts in iCloud, Google Contacts or Microsoft’s Outlook (outlook.com) platform.

Instead of local photos

Sure, Google Photos and iCloud Photos are great options. Even though the respective corporations may harvest the data in them, they protect your data from external parties pretty well, provided you have the right security enabled on your account. But remember that because such a large chunk of people use these services, these services are under a fair amount of attack (though most—if not all—of those attacks are thwarted).

To get better security on iCloud, you can enable Advanced Data Protection, but when you create a shared album, Apple stores the decryption key on its servers so that it can give it to the others contributing to the shared album, and this might or might not work for your threat model. You have to judge this yourself.

The alternative that I absolutely loved is Ente. The app can automatically back up photos and videos to the Ente cloud with end-to-end encryption. This way, your photos and videos remain private, even from Ente. Another option is Proton Drive, which I will come to in a moment.

Instead of local notes

I use Notesnook for private note-taking. Notesnook’s open-source, zero-knowledge, end-to-end encryption secures your notes. You can use its generous free plan, or upgrade to the paid version for just ₹1,050 a year—a bargain compared to even traditional notebooks. You can use this for your journal, or to take regular notes, store to-do lists, etc.

Another option is Cryptee, built by a developer based out of Estonia, with a generous-enough free plan for just writing, this is a progressive web app, which you don’t have to “install” in its literal sense.

Obsidian is one more option, which, while not open source, has the code for the client available for reading and auditing. Good enough in my books. Obsidian have their own Obsidian cloud, which they claim it is end-to-end encrypted. That said, Obsidian does allow you to save your “vault” anywhere including services like iCloud.

Google Keep and Apple Notes are good options as well, and so is Microsoft OneNote. If you don’t want any of the indie tools above, pick any of these.

For email

Regardless of which email you use:

  1. Enable two-factor authentication
  2. Don’t store passwords as email drafts
  3. Don’t send passwords by email
  4. Enable app lock on the email client

If you want a more private option, go with Proton Mail. Their free plan gives you mere 500 MB (yes, MB) to start with, which gradually increases to 1 GB over time. This might not be enough for most people. But this is one of the most private options out there.

For cloud storage

Use any storage provider, just don’t store important documents solely on the phone. The data on your phone can be your working copy, but have a backup elsewhere. Online storage “drives” such as Google Drive, Apple iCloud, Dropbox are all good options. Enable two-factor authentication for enhanced security.

If you want privacy, go for Proton Drive. But again, the free version only has 500 MB of space. That is not much. But if you get their paid plan, you can use your Proton Drive for photo backup. Pictures contain a lot of information. Check out https://theyseeyourphotos.com/ (and even upload a picture from your gallery) to see what the Google Vision API can see from seemingly simple pictures. I know, the irony makes me laugh as well.

For messaging

WhatsApp is a great option. No, really. WhatsApp messages are end-to-end encrypted and everything. Only problem is, Meta owns it, and can use messages that are not end-to-end encrypted (such as messages you receive from online services) to profile you.

One great configuration option on WhatsApp is the app lock. Even if someone manages to flick your phone while you were booking your Uber, they will not be able to open your WhatsApp chats if you have app lock enabled (and set it to lock immediately). Second, WhatsApp allows you to sign into multiple devices at the same time, removing reliance on one device. Third, it has the option to enable two-factor authentication, which I recommend you do. This way, someone cannot sign you into another device just because they have access to your SIM (and can read SMSes).

And that’s a wrap

What started as a chat went on to become a set of points, which later evolved into this long series on protecting your phone and your data. I hope this has brought you some value. If it has, please consider sharing this among your colleagues, friends and family. You might end up saving someone a lot of trouble and heartache.

If you have feedback to share, please hit me up at @millennierd on YouTube, X, Instagram, Facebook or Medium. You could also subscribe to my newsletters below (scroll to the blue box) that I plan to start in the near future.

Ram Iyer

Written by : Ram Iyer

As a tech enthusiast with a passion for science, I write, code and create to help you make your life better.

Recommended for You

How to not lose your mind when you lose your phone

How to not lose your mind when you lose your phone

Your phone is often the single point of failure for your online life. Here is a simple guide to help you protect your online presence despite the loss of your phone.

A lost phone is not always really lost

A lost phone is not always really lost

When is a phone really lost? You may be surprised to know that some simple steps can help you recover your phone, and more importantly, protect you and your data.

Stay updated.

Join our community of enthusiasts and stay informed. Enter your email address, and we'll make sure you're always in the know!

Powered by Buttondown.