Our digital identities aren’t limited to passwords, usernames and email addresses. Unlike physical identities, our digital identities paint a very good portrait of who we truly are. This is because of how social networks have built elaborate profiles with our personal information.

Just think of your Facebook profile. Odds are that it features pictures of you—taken from various different angles—your personal information, your employment information and even your relationship history. No physical ID comes close to holding the amount of personal information that digital IDs increasingly hold. If someone gets access to this, it can be used for nefarious reasons, some of which can be more subtle than others.

These past few years have been tough on our favorite social networks and consequently, a large part of our digital identities. Social networks have constantly come under fire for their general lack of care towards our personal information and privacy. Most recently as Sept. 2018, our beloved Facebook revealed “a security issue affecting almost 50 million accounts.” The company press release went on to say that “attackers exploited a vulnerability in Facebook’s code that impacted “View As” - a feature that lets people see what their own profile looks like to someone else.” This resulted in accounts being taken over and Facebook having to shut down the “View As” feature.

This is especially frustrating coming from a massive company that houses around 2.2 billion monthly users (according to Statista). To make matters worse, you still can’t really tell if your account was compromised. You may have been logged out of Facebook on your devices, but that’s about it. Mark Zuckerberg addressed this issue in a Facebook post on his personal profile, “We do not yet know whether these accounts were misused but we are continuing to look into this and will update when we learn more.” But it has been a month since the announcement — much more time has passed since the security issue started being exploited — and there’s still no way of telling if you’re personal information has been compromised.

Aside from completely deleting your Facebook account and your respective data, there’s really no other way of falling victim to these kinds of massive data leaks. But there are a series of guidelines that we can follow to minimize the impact of these tech giants and other attacks, on our privacy and online identities.

Two-factor authentication is a must
This may seem like a tedious step in your daily browsing habits, but it could make a huge difference. Two-factor authentication, or 2FA, basically provides an extra security measure to your login procedures. A typical 2FA system will send you a unique code by SMS, which you will have to input into the login system at hand, to be allowed entry. Google Authenticator is a popular smartphone app that does 2FA very well for Google apps. But then again, who’s to say that the next big data breach won’t affect this tech giant? Regardless of future hacks, 2FA is still an extra step of protection.

Lock down your password

This is perhaps one the most important aspects of digital identity theft protection, yet it often takes a backseat to convenience and laziness. Splashdata, a tech security company, compiled a list of the top 100 worst passwords of 2017. The top passwords in this list are a sad mix of “12345,” “password” and other single words like “welcome” and “monkey.” These weak passwords are easy prey for hackers and phishing attacks trolling for easy pickings. So, when choosing a password, you should concoct a healthy mix of uppercase and lowercase characters, along with a few numbers. If you’d like to double-check the strength of your password, sites such as this one provide handy tools to do so.

Your digital profile is very valuable
This is aimed at anyone who almost automatically logs into or authorizes third-party applications with their Facebook or Google accounts. Although, these logins are very convenient, you should be fully-aware that you’re basically giving away your personal information to third-party apps.

Earlier this year, a Cambridge Analytica whistleblower revealed that through Facebook and third-party applications on the platform, around 30 million people were targeted with political ads based on their private profiles. It turns out that if you installed a personality quiz app called “This Is Your Digital Life,” through your Facebook account, then your Facebook data was most probably affected. Facebook even released a tool to check if your account information has been compromised through these apps.

So, think twice before giving a seemingly harmless quiz app full access to your valuable, personal information.

Use Virtual Private Networks (VPN) in public

Public wifi networks have become increasingly abundant all around the world. According to Statista, there will be around 500 million public wifi hotspots by 2021. For the most part, they are very convenient to use. You will usually be prompted for an email address or a phone number when wanting to connect to a public network, but most people don’t scrutinize the nature of the network that they’re connecting to. Unfortunately, it’s not exactly like using a private network, because one can’t tell if someone else is monitoring all activity on the public network.

So, when using public wifi hotspots, refrain from sharing and requesting personal information. Do not access your bank records or other sensitive information. But if you truly want to be protected when browsing in coffee shops, you should invest in a VPN. These private networks encrypt all of your information and requests traveling to and from the servers that you’re accessing. A lot of these VPNs have subscription-based plans that are inexpensive. Don’t overlook this small but valuable investment for your digital identity protection.

Finally, you should be smart with how you manage your personal information online. If a website seems dubious, go with your gut and abort. You’ll almost always be making the correct decision and if not, there’s probably a much safer alternative to what you need. Browsers such as Google Chrome are trying to up their shields — look out for the “s” (secure) in https when browsing—so that users will be insured privacy and security online. But ultimately, protecting your digital identity is entirely your responsibility.