2FA (Two-Factor Authentication)
A second layer of security added to your password when logging into an account. After entering your password, you need to provide a second piece of proof (like a code from an app on your phone, a text message, or a physical security key) to confirm it’s really you. This makes it much harder for hackers to get in, even if they steal your password. Read more in: Password Managers
AES-256
A very strong standard for encryption used worldwide by governments and security systems to protect sensitive information. It scrambles data so it’s unreadable without the correct key. Read more in: Password Managers and Secure Messaging
Autofill
A feature, often found in web browsers and password managers, that automatically fills in information for you, such as your username, password, address, or credit card details, into online forms. Read more in: Password Managers
Biometric Authentication
Using unique physical characteristics, like your fingerprint or face, to verify your identity and log into devices or accounts. Read more in: Password Managers
Bitwarden
A popular password manager known for being open-source (meaning its code can be publicly checked) and offering a very generous free plan. Read more in: Password Managers
Boxcryptor
A software tool that lets you encrypt files before storing them with mainstream cloud storage providers like Dropbox or Google Drive, adding a layer of privacy. Read more in: Cloud Storage Alternatives
Brave
A free web browser focused on privacy that automatically blocks ads and trackers. It’s built using the same underlying technology as Google Chrome (Chromium). Read more in: Browser Sovereignty
Briar
A secure messaging app designed for high-risk situations (like activism or journalism). It can send messages directly between nearby devices using Bluetooth or Wi-Fi (even without internet) and uses the Tor network for extra privacy when online. Read more in: Secure Messaging
Browser Extension
A small piece of software you can add to your web browser (like Firefox, Chrome, or Brave) to give it new features or capabilities, such as blocking ads (uBlock Origin) or managing passwords. Read more in: Browser Sovereignty and Password Managers
Chromium
The open-source web browser project developed primarily by Google. Google Chrome is based on Chromium, as are other browsers like Microsoft Edge and Brave. Read more in: Browser Sovereignty
Client-Side Encryption
A security method where your files or messages are encrypted (scrambled) directly on your own device before they are sent to an online service (like cloud storage). This means the service provider cannot access your unencrypted data. This is generally more private than server-side encryption. Read more in: Cloud Storage Alternatives
Cloud Storage
Storing your digital files (documents, photos, etc.) on servers connected to the internet, rather than just on your computer’s hard drive. This allows you to access your files from different devices and locations. Examples include Google Drive, Dropbox, iCloud, and privacy-focused alternatives like ProtonDrive or Tresorit. Read more in: Cloud Storage Alternatives
Credential Stuffing
An attack where hackers take lists of usernames and passwords stolen from one website’s data breach and try using them to log into accounts on many other websites. This works because many people reuse the same password across different services. Read more in: Password Managers
Cryptomator
Free and open-source software that creates encrypted “vaults” inside your existing cloud storage folders (like Dropbox, Google Drive). Files you put in the vault are encrypted on your device before being synced, keeping them private from the cloud provider. Read more in: Cloud Storage Alternatives
Data Breach
An incident where sensitive, protected, or confidential information is accessed, stolen, or used by individuals or systems without authorization. Read more in: Password Managers
Data Mining
The practice of analyzing large databases of information (often user data collected by online services) to find patterns, trends, or insights, typically used for targeted advertising, market research, or building user profiles. Read more in: Email Sovereignty and Browser Sovereignty
Decentralized
A system or network designed to operate without a single central point of control or data storage. Instead, control and data are distributed among multiple participants or devices. Examples include Syncthing for file sync or messaging apps like Element or Briar. Read more in: Secure Messaging and Cloud Storage Alternatives
Digital Sovereignty
The concept of having control over your own digital identity, data, online activities, and technology choices, free from the undue control or surveillance of large corporations or governments. Read more in: Email Sovereignty, Browser Sovereignty, and OS Control
E2EE (End-to-End Encryption)
A secure communication method where information (like a message or file) is encrypted on the sender’s device and can only be decrypted by the intended recipient’s device. The companies providing the service (like the messaging app or email provider) cannot read the content, even if they wanted to. This is the gold standard for private communication. Read more in: Secure Messaging and Email Sovereignty
Element
A secure, decentralized messaging and collaboration app. It uses the open Matrix protocol, allowing users to connect to different servers or even host their own. Read more in: Secure Messaging
Encryption
The process of converting information or data into a code (scrambling it) to prevent unauthorized access. Only those with the correct key (often derived from a password) can decrypt (unscramble) the information back into its readable form. Read more in: Secure Messaging and Password Managers
Fastmail
A paid email service known for its speed, reliability, and strong privacy policy. Unlike free providers, it doesn’t scan emails for advertising or mine user data because its business model is based on subscriptions. Read more in: Email Sovereignty
Filter Bubble
An effect caused by algorithms personalizing your online experience (like search results or social media feeds) based on your past behavior. This can limit your exposure to information and viewpoints that disagree with your own, isolating you in your own cultural or ideological “bubble.” Read more in: Browser Sovereignty
Fingerprinting (Browser)
A technique used by websites to identify and track users by collecting subtle details about their browser and device configuration (like installed fonts, screen resolution, browser version, plugins, etc.). This can create a unique “fingerprint” even if cookies are blocked. Read more in: Browser Sovereignty
Firefox
A popular, free, and open-source web browser developed by the non-profit Mozilla Foundation. It’s often recommended as a more privacy-respecting alternative to Chrome, though some recent policy changes have raised concerns discussed in the guides. Read more in: Browser Sovereignty
Fork (Software)
In open-source software, creating a new, independent project by copying the source code of an existing project. This is often done to take the project in a different direction or add features the original developers didn’t. LibreWolf is a fork of Firefox. Read more in: Browser Sovereignty
GDPR (General Data Protection Regulation)
A comprehensive data protection and privacy law enacted by the European Union (EU). It gives individuals more control over their personal data and sets strict rules for companies handling that data.
Gmail
Google’s widely used free email service. While convenient, it’s often criticized for its data collection practices used for advertising and profiling. Read more in: Email Sovereignty
Google Drive
Google’s cloud storage service, offering free and paid tiers for storing files online and syncing them across devices. Read more in: Cloud Storage Alternatives
HIPAA (Health Insurance Portability and Accountability Act)
A United States federal law that sets standards for protecting sensitive patient health information (PHI) from being disclosed without the patient’s consent or knowledge. Relevant when choosing cloud storage for medical records. Read more in: Cloud Storage Alternatives
HTTPS / HTTPS Everywhere
HTTPS (Hypertext Transfer Protocol Secure) is the secure version of HTTP, the protocol used to transfer data over the web. HTTPS encrypts the connection between your browser and the website, preventing eavesdropping. HTTPS Everywhere is a browser extension that tries to force websites to use HTTPS whenever possible. Read more in: Browser Sovereignty
IMAP (Internet Message Access Protocol)
A standard technical protocol used by email clients (like Thunderbird or Apple Mail) to retrieve emails from a mail server. Unlike the older POP protocol, IMAP generally leaves messages on the server, allowing you to synchronize your email across multiple devices. Read more in: Email Sovereignty
iOS
Apple’s mobile operating system that runs on iPhones and iPads. Read more in: OS Control
Keeper
A password manager service, often used by businesses, known for its strong security features. Read more in: Password Managers
Keylogging
A type of malicious software (malware) or hardware device that secretly records every keystroke a user makes on their keyboard. Hackers use this to steal passwords, credit card numbers, and other sensitive information. Read more in: Password Managers
LastPass
A well-known password manager service that suffered significant security breaches in 2022-2023, raising concerns about its security architecture and response. Mentioned as a cautionary tale. Read more in: Password Managers
LibreWolf
A free, open-source web browser created as a “fork” of Firefox. It’s designed with a strong focus on privacy and security, removing telemetry and other features from Firefox that could compromise privacy. Read more in: Browser Sovereignty
Mailbox.org
A paid email service based in Germany that focuses on privacy and security. It also offers integrated calendar, contacts, and cloud storage features. Read more in: Email Sovereignty
Malware
Short for “malicious software,” this is any software intentionally designed to cause damage to a computer, server, client, or computer network, or to steal information. Examples include viruses, worms, Trojan horses, ransomware, spyware, and keyloggers. Read more in: Password Managers and OS Control
Master Password
The single, main password you create to lock and unlock your password manager vault. It’s extremely important to make this password very strong and unique, and to never forget it, as it protects all your other passwords. Read more in: Password Managers
Matrix Protocol
An open standard for secure, decentralized, real-time communication. It allows different apps (like Element) built on Matrix to communicate with each other, similar to how different email clients can communicate using email standards. Read more in: Secure Messaging
Metadata
Data that provides information about other data. In the context of messaging or email, it’s not the content of your conversation, but information about it, such as who you communicated with, when, for how long, from what location (sometimes), device types used, etc. Even end-to-end encrypted services might collect metadata. Read more in: Secure Messaging and Email Sovereignty
Microsoft Edge
Microsoft’s web browser, which replaced Internet Explorer. Modern versions are based on the same Chromium technology as Google Chrome. Read more in: Browser Sovereignty
Mozilla
The non-profit organization behind the Firefox web browser and other internet-related projects. Read more in: Browser Sovereignty
Nextcloud
Free and open-source software that allows you to set up your own private cloud storage, file sharing, and collaboration platform (similar to Google Drive or Dropbox) on a server you control (self-hosting). Read more in: Cloud Storage Alternatives
NordPass
A password manager developed by the company behind NordVPN. It’s known for its user-friendly interface and strong encryption. Read more in: Password Managers
Okta
A company that provides identity management services for businesses, helping them manage employee logins to various applications. Mentioned in relation to a security incident affecting 1Password. Read more in: Password Managers
Onion Routing
A technique for anonymous communication over a network. It encrypts messages in multiple layers (like an onion) and routes them through a series of intermediary servers (“onion routers”). Each server only knows the previous and next hop, making it very difficult to trace the message back to its origin or destination. Used by Tor and some secure messaging apps like Session. Read more in: Secure Messaging and Browser Sovereignty
Open Source
Software whose source code (the human-readable instructions written by programmers) is made publicly available. This allows anyone to view, study, modify, and distribute the code. Open-source software is often considered more trustworthy because its security and functionality can be independently verified. Read more in: Browser Sovereignty and Password Managers
Outlook
Microsoft’s email service, available as a free web version (Outlook.com) and as part of the paid Microsoft 365 suite. Read more in: Email Sovereignty
Password Manager
An application designed to securely store and manage your passwords for various online accounts. It helps you create unique, strong passwords for every site, stores them in an encrypted “vault,” and often automatically fills them in when you log in. You typically only need to remember one strong “master password” to access the vault. Read more in: Password Managers
PGP (Pretty Good Privacy)
One of the earliest and most well-known standards for encrypting and decrypting data, often used for email encryption. While very secure, it can sometimes be more complex for non-technical users to set up compared to newer end-to-end encrypted services. Read more in: Email Sovereignty
Phishing
A type of online scam where attackers try to trick you into revealing sensitive information (like passwords, credit card numbers, or personal details) by pretending to be a legitimate person or organization, often through fake emails, messages, or websites that look real. Read more in: Password Managers and Email Sovereignty
POP (Post Office Protocol)
An older standard technical protocol used by email clients to download emails from a mail server to your device. Typically, messages are deleted from the server once downloaded, making it harder to sync email across multiple devices compared to IMAP. Read more in: Email Sovereignty
ProtonDrive
An end-to-end encrypted cloud storage service developed by the Swiss company Proton, known for its privacy-focused email service, ProtonMail. Read more in: Cloud Storage Alternatives
ProtonMail
A popular email service based in Switzerland that provides end-to-end encryption for emails between ProtonMail users and strong privacy protections. Read more in: Email Sovereignty
ProtonPass
A password manager developed by Proton, focusing on privacy, security, and integration with other Proton services. Read more in: Password Managers
RCS (Rich Communication Services)
A modern messaging protocol intended to replace SMS on Android phones, offering features like read receipts, typing indicators, and better media sharing. Google Messages uses RCS, and offers end-to-end encryption for one-on-one RCS chats (but not group chats). Read more in: Secure Messaging
Safari
Apple’s web browser, available on macOS, iOS, and iPadOS devices. Read more in: Browser Sovereignty
Secure Note
A feature found in many password managers that allows you to store sensitive text-based information (like software license keys, Wi-Fi passwords, recovery codes, or private notes) in your encrypted vault, protected by your master password. Read more in: Password Managers
Self-hosting
Running and maintaining your own server and software applications (like Nextcloud for cloud storage or Element for messaging) instead of relying on third-party service providers. This offers maximum control and privacy but requires technical knowledge and effort. Read more in: Cloud Storage Alternatives
Session
A free, open-source, decentralized messaging app that uses end-to-end encryption and onion routing for privacy. It doesn’t require a phone number to sign up, using randomly generated IDs instead. Read more in: Secure Messaging
Signal
A free, open-source messaging app widely regarded as one of the most secure and private options available. It offers strong end-to-end encryption for all messages and calls, collects minimal metadata, and is run by a non-profit foundation. Read more in: Secure Messaging
SimpleX Chat
A newer, free, open-source messaging app focused on extreme privacy. It uses no user identifiers (like phone numbers or random IDs) and routes messages through a decentralized network to protect metadata. Read more in: Secure Messaging
SMTP (Simple Mail Transfer Protocol)
The standard technical protocol used for sending emails from an email client to an email server, and between email servers across the internet. Read more in: Email Sovereignty
SMS (Short Message Service)
The standard text messaging service used by mobile phones. SMS messages are typically not encrypted and can be intercepted or read by mobile carriers. Read more in: Secure Messaging
Syncthing
A free, open-source application that synchronizes files directly between your own trusted devices (computers, phones, servers) without needing a central cloud server. Your data stays entirely on your devices. Read more in: Cloud Storage Alternatives
Sync.com
A paid cloud storage service based in Canada that provides end-to-end encryption and zero-knowledge architecture, meaning they cannot access your stored files. Read more in: Cloud Storage Alternatives
Takeout (Google)
A service provided by Google that allows users to download an archive of their data from various Google products, such as Gmail, Google Drive, Google Photos, and more. Read more in: Email Sovereignty and Cloud Storage Alternatives
Telemetry
Data automatically collected by software applications about how they are used, system performance, errors, and user interactions. This data is sent back to the software developers, often for debugging or improving the product, but can sometimes raise privacy concerns depending on what data is collected and how it’s used. Read more in: Browser Sovereignty and OS Control
Telegram
A popular messaging app known for its speed and features. However, its standard chats are not end-to-end encrypted (they are stored on Telegram’s servers). Only optional “secret chats” offer E2EE, and group chats are never E2EE. Read more in: Secure Messaging
Threema
A paid messaging app based in Switzerland with a strong focus on privacy and security. It offers end-to-end encryption for all communications and can be used anonymously without linking a phone number or email address. Read more in: Secure Messaging
TLS (Transport Layer Security)
A standard security protocol used to establish encrypted links between networked computers. It ensures that data transferred between systems (e.g., your browser and a website via HTTPS, or between email servers) remains private and integral. It protects data in transit but not necessarily when it’s stored (at rest). Successor to SSL (Secure Sockets Layer). Read more in: Browser Sovereignty and Email Sovereignty
Tor / Tor Browser
Tor (The Onion Router) is free, open-source software that enables anonymous communication online. It directs internet traffic through a worldwide, volunteer overlay network consisting of thousands of relays to conceal a user’s location and usage from network surveillance or traffic analysis. The Tor Browser is a modified version of Firefox specifically configured to connect to the Tor network for more private web browsing. Read more in: Browser Sovereignty and Secure Messaging
Tresorit
A paid, end-to-end encrypted cloud storage service based in Switzerland, often focused on business users needing high security and compliance features like HIPAA or GDPR. Read more in: Cloud Storage Alternatives
Tutanota
A free and paid email service based in Germany that provides automatic end-to-end encryption for the entire mailbox (including subject lines, contacts, and calendar), using open-source code. Read more in: Email Sovereignty
uBlock Origin
A highly effective, free, and open-source browser extension that blocks online advertisements and tracking scripts, improving browsing speed and privacy. Read more in: Browser Sovereignty
UI (User Interface)
The means by which a user interacts with a software application or device. It includes the visual elements like buttons, menus, icons, and the overall layout and design.
Vivaldi
A free web browser known for its extensive customization options and built-in features like an ad/tracker blocker, notes, and email client. Read more in: Browser Sovereignty
VPS (Virtual Private Server)
A type of hosting service where a virtual machine is sold as a service by an internet hosting provider. You rent a “slice” of a physical server, giving you dedicated resources and control over your own server environment, often used for self-hosting websites or applications like Nextcloud. Read more in: Cloud Storage Alternatives
A very popular messaging app owned by Meta (Facebook). While it uses Signal’s end-to-end encryption protocol for messages, it collects significant amounts of metadata (information about your communication patterns) and shares it with Meta. Read more in: Secure Messaging
Wire
A secure collaboration platform offering end-to-end encrypted messaging, calls, and file sharing. Based in Europe (Switzerland/Germany), it caters to both personal and business users. Read more in: Secure Messaging
XChaCha20
A modern, secure encryption algorithm used as an alternative to AES-256 by some applications, such as the NordPass password manager. Read more in: Password Managers
Yahoo Mail
A free web-based email service provided by Yahoo. Read more in: Email Sovereignty
Zero-Knowledge Architecture
A security model, particularly used by password managers and some cloud storage services, where the service provider has “zero knowledge” of the user’s actual data or master password. All encryption and decryption happen on the user’s device, and the provider never receives the unencrypted data or the key needed to decrypt it. This means even the provider cannot access your sensitive information. Read more in: Password Managers and Cloud Storage Alternatives