Before you start doing all the good things with your new identity, you should consider some best practices. Key habits can be the difference between ensuring long term success of your identity and having it fail and be uncovered.
Your main goal while operating your pseudonymous identity should be to prevent having it be linked back to your real-world identity, because if that happens then all your work goes to waste. There are many techniques you can use to ensure that to the best of your ability, but that can vary depending on your specific circumstances.
Read more about privacy and anonymity to become more aware of the different ways adversaries may be able to threaten them. Also beware and grow accustomed to some basic security best practices for defending yourself:
- Create secure passwords (some complementary thoughts on strong passwords here).
- Use a password manager.
- Enable two-factor authentication and use your YubiKey.
- Mind your communications.
Generally, however, since the main goal is to avoid links to your real identity, you should focus on compartmentalization. The level to which you commit to compartmentalizing parts of your life will, again, depend on your available time, skills, and budget.
The best case scenario, which you should strive for, is to have one separate device for each activity. That entails having one mobile device, one laptop, one phone number, one YubiKey (mabe here you'd want to have a second one as backup), and one of each device you might need for your pseudonymous identity –– and use them only for that single identity! Need a new identity? Then you'd need new devices.
But that is often not feasible, and rather than quitting it altogether, you should start small and build your way to the top. Striving for perfection is good if it means stimulating you to improve, but it can quickly become detrimental if it stops you from acting. Therefore, start with the good rather than the perfect.
In either case, you should compartmentalize as much as you realistically can at a given time.If you currently can't buy a new smartphone for your new identity, you can at least grab a new phone number, which is fairly cheap in most places, and a new VPN account with a different provider than your real identity's VPN. If your current phone supports two SIMs, for instance, you can use both numbers and both VPN accounts, switching VPN connections every time you need to connect to an app and based on the identity that app is associated with. I know, that can be rather cumbersome, but that's what a lower budget will often require.
Similarly, if you can't afford a new laptop, you can start by buying a VPN subscription as described previously in the guide and use the Tor Browser. However, that would only suffice for more basic threat models. You might then consider dedicating some time to flashing Tails onto a USB stick and learning the basics of the anonymity live operating system. That will enhance your setup right away, as Tails will enforce many best practices for you.
However, you always need to remember that all these tools are not perfect and that you might still be at risk. For instance, Tor can do little for you if you use it wrong. It currently goes beyond the scope of this guide to discuss why and provide some steps one could take to mitigate it, but here are some good and thorough guidelines (really read this!). If you're more inclined to academic research, reference Free Haven's Selected Papers in Anonymity.
If you've come so far, congratulations, you are now conscious about the importance of privacy, have taken steps to protect yours, developed a threat model, created a new identity, and has been briefed on how to properly operate it.
This guide is an on-going project, so if you think there's areas on which it can be improved, open an issue or contribute.
To support the development of this project, and other BlockchainCommons projects, consider sponsoring us with a one-time grant through our BTCPay Server and let us know "Pseudonymity Guide" was the reason why. Alternatively, consider becoming a sustaining sponsor on GitHub.