The average person has over 100 online accounts. Many of those accounts were created years ago for services you no longer use, holding personal information that remains exposed. Your digital identity is the sum of every account, profile, post, and data point associated with you online. Managing it proactively is one of the most impactful things you can do for your long-term security and privacy.

Auditing Your Online Accounts

The first step toward managing your digital identity is understanding its current state. Most people are surprised by how many accounts they have when they take inventory. Start a systematic audit:

  1. Check your email for account creation confirmations. Search your inbox for phrases like "welcome to," "verify your email," "your account," and "confirm your registration." This reveals accounts you may have forgotten about.
  2. Review your password manager if you use one. It contains a record of every login you have saved, which provides a partial inventory of your accounts.
  3. Check your browser's saved passwords in Chrome, Firefox, or Safari settings. Browsers often save credentials for sites you may not have added to a dedicated password manager.
  4. Review social login connections. Check which apps you have logged into using "Sign in with Google," "Sign in with Facebook," or "Sign in with Apple." Each of these represents a connected account that may still have access to your data.
  5. Search data broker sites for your name and email addresses to discover what public-facing profiles exist about you.

Deleting Unused Accounts

Every account you maintain is a potential vulnerability. If a service you signed up for five years ago gets breached, your data is exposed even though you no longer use it. Deleting unused accounts reduces your attack surface.

For each account you no longer need, follow this process: first, log in and review what personal data the account holds. Download any data you want to keep. Then look for an account deletion option in the settings, which is usually under "Privacy," "Security," or "Account Management." Some services make this deliberately difficult, burying the option or requiring you to contact support.

The website JustDeleteMe (justdeleteme.xyz) maintains a directory of direct links to account deletion pages for hundreds of services, color-coded by difficulty. For services that do not offer self-service deletion, the site provides instructions for contacting support to request removal.

Before deleting an account, change the personal information in your profile to fictional data. Replace your name, date of birth, and address with fake information. Even after deletion, some services retain data for a period, and replacing real data with fake data provides an extra layer of protection.

Username and Email Strategy

How you create accounts matters as much as how many you have. A consistent username across platforms makes it easy for anyone to link your accounts together and build a profile of your online activity. A consistent email address means that a breach at one service exposes the login email for all your other accounts.

Consider adopting a compartmentalized approach:

  • Use different usernames for accounts that you want to keep separate. Your gaming username does not need to match your professional LinkedIn profile or your Reddit account.
  • Maintain separate email addresses for different purposes: one for financial services, one for social media, one for shopping, and one for throwaways. This limits the damage from any single breach and makes it harder to correlate your accounts.
  • Use email aliasing services to create unique email addresses for every account without managing dozens of inboxes. Services like SimpleLogin, AnonAddy, and Apple's Hide My Email generate unique forwarding addresses that route to your real inbox. If one alias starts receiving spam, you know exactly which service leaked or sold your data, and you can disable that alias without affecting anything else.

Managing Your Google Footprint

For most people, Google holds more personal data than any other single company. Your Google account may contain years of search history, location history, YouTube watch history, voice recordings from Google Assistant, and data from every Google service you have ever used. Taking control of your Google data is a significant step in managing your digital identity.

  1. Visit myactivity.google.com to see and delete your activity history across all Google services. You can delete by date range, by product, or everything at once.
  2. Set up auto-delete for web and app activity, location history, and YouTube history. Google offers options to automatically delete data older than 3 months, 18 months, or 36 months.
  3. Review myaccount.google.com/permissions to see which third-party apps have access to your Google account and revoke access for any you no longer use.
  4. Download your data using Google Takeout (takeout.google.com) to see exactly what Google has stored. This can be eye-opening and helps you understand what to delete.
  5. Review your Google Maps timeline at timeline.google.com, which shows everywhere you have been with your phone. Delete this history if you do not want Google maintaining a detailed record of your physical movements.

The Right to Be Forgotten

In many jurisdictions, you have a legal right to request the removal of your personal information from online services. The European Union's General Data Protection Regulation (GDPR) provides the "right to erasure," which requires companies to delete your personal data upon request when it is no longer necessary for the purpose it was collected. The California Consumer Privacy Act (CCPA) provides similar rights for California residents.

To exercise these rights, you typically submit a data deletion request directly to the company. Many organizations have dedicated privacy request forms or email addresses. Under GDPR, companies must respond within 30 days. Google also provides a form to request removal of specific URLs from search results, though this only affects Google Search and does not remove the content from the original website.

Building an Ongoing Practice

Digital identity management is not a one-time project. Schedule a quarterly review where you check for new accounts that should be deleted, review app permissions, update passwords for critical accounts, and search for yourself online to see what new information has appeared. Each review takes less time than the last as you reduce your digital footprint to only the accounts and services you actively use and trust.

The goal is not to disappear from the internet but to be intentional about your presence. Every account, profile, and data point should exist because you chose it, not because you forgot about it.

Share this article