A quick, honest self-check — six questions about the everyday habits that actually determine how exposed your accounts and conversations are. No account needed, nothing saved, just an honest look at where you stand.
Question 1 of 6
Question 2 of 6
Question 3 of 6
Question 4 of 6
Question 5 of 6
Question 6 of 6
Even small habits — unique passwords, checking app permissions occasionally — add up to a meaningfully smaller attack surface over time.
None of these six questions are arbitrary — each one maps to a specific, common way accounts and conversations actually get compromised, not a hypothetical risk.
This is the single most common cause of account takeovers. When one site gets breached — and sites get breached constantly, including ones you'd never expect — every other account using that same password becomes vulnerable the moment the breached password list circulates. A password manager that generates and stores unique passwords for every site removes this risk almost entirely, without requiring you to memorize anything.
Even a leaked password becomes far less useful to an attacker if your account also requires a code from your phone or an authenticator app. This is one of the highest-impact, lowest-effort security changes available, especially on your primary email — since email is usually the recovery method for everything else you own.
Apps accumulate permissions over time, and most people grant camera, microphone, or location access once and never revisit it. Periodically checking what actually has access to what — most phones make this a simple settings menu — is a habit worth building, since permissions you forgot you granted are permissions you're not actively thinking about.
Open networks at cafés, airports, and hotels are genuinely easier for someone else on the same network to intercept traffic on than your home connection. A VPN encrypts your traffic before it leaves your device, which matters specifically in these shared, less controlled environments.
Not every messaging app that claims to be "secure" actually encrypts your messages end-to-end by default — some only encrypt the connection to their own servers, which is a meaningfully weaker guarantee. Knowing which tools you actually use have real end-to-end encryption, versus just secure transport, is worth a few minutes of checking.
This last one is specific and worth being direct about: a lot of people assume "anonymous" means "nothing is recorded," and that's not automatically true everywhere. It's worth actually reading a platform's privacy policy rather than assuming. For what it's worth on Chatzyo specifically: video never reaches our servers at all, text exists in memory only for the session, and we keep basic security logs (IP address, for abuse prevention) for a maximum of 30 days. You can see the full picture in our Privacy Policy.
A lower score here isn't a verdict on you — it's just an honest map of where the easiest improvements are. Most people score somewhere in the middle, not because they're careless, but because these habits accumulate slowly and most platforms don't make checking them especially obvious. The two changes with the biggest impact for the least effort are almost always a password manager and turning on two-factor authentication wherever it's offered — both take a few minutes and meaningfully reduce risk going forward.
It's worth being clear about a distinction this quiz touches on but doesn't fully spell out: there's platform-side privacy (what a service you use actually collects and stores about you) and user-side privacy (the habits you control yourself, regardless of which platform you're on). Questions 1 through 5 are entirely about your own habits — they'd matter the same way no matter what app or site you're using. Question 6 is different; it's about understanding what a specific platform actually does, which varies enormously from one service to the next.
This distinction matters because it's easy to feel like privacy is something a platform either gives you or doesn't, when in practice it's usually a combination of both. A platform with genuinely strong architecture — no accounts, no stored video, minimal logging — can still leave you exposed if you reuse a weak password elsewhere, or click a link you shouldn't have. Equally, no amount of personal caution fully protects you if a platform you're using is quietly logging everything behind the scenes. Both halves matter, and most general advice about "staying private online" only really covers one of them.
If you want to act on this rather than just read it, the most efficient order is usually: install a password manager first, since it solves the password-reuse problem in one sitting without requiring you to remember anything new. Turn on two-factor authentication on your email next, since that one account is the recovery path for most others. Then spend ten minutes going through your phone's app permissions list, which most operating systems group clearly by permission type rather than by app, making it faster than expected. The VPN and encrypted-messaging habits are worth building too, but they matter most in specific situations — public Wi-Fi, genuinely sensitive conversations — rather than needing to be active every moment of every day.
For more on staying safe with anonymous chat specifically, see our guides on staying anonymous on video chat and whether anonymous chat is actually safe.