How to Set Up a Complete Security Stack in One Afternoon
Affiliate disclosure: This article contains affiliate links. If you click a link and make a purchase, we may earn a commission at no extra cost to you. Our editorial recommendations are never influenced by commissions — read our full disclosure policy.
What You Are Setting Up
In one afternoon you will install, configure, and verify:
Those three close the three attack vectors that account for the majority of real-world attacks against individuals. Start to finish, three hours.Part 1 — NordPass First
The password manager is first because you will use it to store credentials for everything else you install today.
Create the Account
Go to NordPass and sign up. Choose a 16+ character master password. Write it on paper and store the paper somewhere physically secure — a home safe, a locked drawer. You will memorise it over the next week. If you forget the master password, there is no recovery — that is the point of zero-knowledge encryption. The paper is your one-time safety net.
Install the App and Browser Extension
Desktop app for your main computer. Browser extension for whichever browser you use. Mobile app for your phone. Sign in on each with the master password.
Enable 2FA on NordPass Itself
Install Authy on your phone — we recommend it over Google Authenticator because it backs up your TOTP seeds encrypted. Go to NordPass → Settings → 2FA → Authenticator app → scan QR with Authy. Store the backup codes NordPass shows you as a secure note inside NordPass itself.
Import Existing Passwords
NordPass can import from Chrome, Firefox, Edge, Safari, and most other managers. Settings → Import → choose source → let it pull in every password your browser has saved. You now have a baseline.
Part 2 — NordVPN
Sign Up
Go to NordVPN. Create an account. Let NordPass generate and save the password for this account.
Install and Configure
Install the app on every device you own. Before connecting, set these:
- Protocol: NordLynx. Fastest, based on WireGuard.
- Kill switch: system-level, not app-level. Blocks all traffic if the tunnel drops.
- DNS leak protection: on.
- Threat Protection: on. DNS-level malware and tracker blocking.
- Auto-connect: on untrusted networks. Automatic protection on public WiFi.
Verify
Connect to a server. Go to ipleak.net. Confirm the IP shown is the VPN server's, not yours. Confirm the DNS servers shown are NordVPN's. If anything shows your real IP, the leak protection is not working — troubleshoot before continuing.
Mobile
On iOS and Android, enable Always-On VPN in the NordVPN app. This ensures the tunnel reconnects automatically on network changes.
Part 3 — 2FA on Important Accounts
In order:
1. Primary email. Gmail, Outlook, Proton, whatever you use. Security settings → 2FA → authenticator app → scan with Authy. 2. Banking. Every bank and card account. 3. Social media. Instagram, X, Facebook, LinkedIn. 4. Any account flagged by NordPass's breach monitoring as compromised.
For each account, store the backup codes in NordPass as a secure note attached to the account. This is your escape hatch if you lose your phone.
What You Have at the End
- Traffic encrypted by NordVPN on every network you touch.
- Every password unique and complex, generated and stored by NordPass.
- 2FA blocking account takeover on every account that matters.
Further reading: Cybersecurity Checklist 2026, How to Create a Master Password.
Reviewed by Thomas — NorwegianSpark · Last updated: 15 April 2026