Home · Privacy · 6 min read
Digital Hygiene for Public Women: the Basic Protocol
Doxxing is almost never the result of a hacker attack — it is usually the result of default settings and small everyday carelessness. We have put together a basic protocol of 12 habits: separate accounts, metadata, contact sync, passwords and 2FA — everything you can lock down in a single evening if you work through it as a checklist.
Public work breaks the familiar logic of security: you used to protect your accounts from being hacked — now you protect your own identity from being linked to them. The good news is that the vast majority of leaks happen through the same channels. There are few of them, they are well known, and almost all of them are closed with settings, not heroics.
Where leaks come from
Your phone helpfully syncs your contacts — and the platform shows you to your relatives in the "people you may know" block. Photos store geotags. The same email links your work profile to an old resume. None of these channels looks dangerous on its own: what doxxes you is always a combination of two or three small things. Old accounts are a separate story: forums, classified boards and school-era social networks registered to the same email live on for years and patiently wait for someone to find them.
Doxxing rarely looks like a hack. It usually looks like a "People you may know" notification.
The protocol: 12 habits
- Separate accounts. A dedicated email and a dedicated number for everything work-related; they never overlap with your personal ones anywhere;
- Contact sync — off. On work devices and in platform apps: it is precisely what builds the "you may know" bridge;
- One alias everywhere. Your real first and last name appear nowhere — not in the handle, not in the signature, not in the email address;
- Metadata. Photos and videos are stripped of EXIF and geotags before publishing — with built-in system tools or a dedicated app;
- The background of the frame. Windows, street signs, diplomas and receipts on the desk dox you more reliably than any metadata — check before every post;
- A password manager. A unique password for every service: "one password everywhere" turns any leak into a total one;
- App-based 2FA. Two-factor protection on all work accounts, with codes from an app rather than SMS;
- A separate browser or profile for work platforms: fewer cross-site cookies and fewer logins "in the wrong window";
- A self-search once a month. Search your alias and run a reverse image search on your photos: a leak is best found by you first;
- Personal social media — locked. Private profiles, a hidden friends list, geotags switched off in personal posts;
- Other people's devices — no. No logging in from anyone else's computer; active sessions are reviewed and closed regularly;
- An "if it leaks" plan. Platform support addresses and DMCA forms saved in advance: under stress they are much harder to find.
How to roll it out
Do not try to do everything at once. Items 1–3 take one evening and close the most common combinations; metadata and backgrounds are the habit of the first week; the rest gets tightened up on weekends. If some item is already broken, it is not a catastrophe: what to do when your identity has already been linked to your profile, we covered in our piece on protecting yourself from doxxing.
FAQ
Do I need a separate phone?
Not necessarily. A separate number (an eSIM, for example) and separated profiles close most of the risk; a separate device is a comfort level, not a necessity.
Does a VPN help?
A VPN hides your IP address but does not touch the main doxxing channels — linked accounts, contact sync and file metadata. It is an addition to the protocol, not a replacement for it.
Where do I start if everything is already mixed together?
With your email and number: create clean work ones, move your platforms over to them, then disable contact sync and go down the list from the top.
If your top priority is keeping the page away from people you know, check the dedicated protocol: how to hide OnlyFans from people you know.