nullpay.
Back to toolkit
DeviceIntermediate30 minall

Phone Number Hygiene

Risk

The risk

Why this matters

Your phone number is persistent, tied to real identity (SIM registration laws in EU), and used as recovery/2FA everywhere. SIM swap attacks exploit this. Phone numbers are more dangerous than email addresses as identifiers — and harder to change.

Recommended tools

What to use

MySudo
MySudo

Virtual phone numbers for compartmentalized identities.

Setup guide

How to set it up

  1. 1

    Audit: which services have your real phone number? Prioritize removing it

  2. 2

    Remove phone number from accounts that don't strictly require it

  3. 3

    Switch 2FA from SMS to TOTP wherever possible (see 2FA Hierarchy practice)

  4. 4

    For services requiring a number: use a secondary VOIP number

  5. 5

    Contact your carrier and add a SIM lock / port-out PIN