I use a password manager. I have 2FA set up on everything. When an organisation asks me to set a recovery question, I generate a 32 character passphrase. I don’t use my mother’s maiden name or my first pet’s birthday on anything sensitive. I monitor my email addresses for breaches, and I regularly check my credit file.

I’m doing everything a geek can to protect their online life. Is it enough?

Is there a market / service for *personal* pen-testing or social engineering? I like to think I've got all my security set up. But how easily could a fraudster take over my life? — Terence Eden (@edent) March 30, 2019

This is not an invitation to hack me. I’d like to pay a professional to see how far they can infiltrate my online life. Is my bank particularly vulnerable to social engineering? Does my hosting provider accept a fax to transfer away my domains? Is an image of my passport floating around the dark web? What OSINT should I be scrubbing from the web?

I’ve got a stupid amount of smarthome tech – and I know there’s no way to secure my network – but I imagine that’s a target for someone more dedicated than a casual thief.

I can find pentesting services for companies. I can find some which claim to test the security of CEOs and celebrities. But I can’t find anything for ordinary people.

Does this service exist? If not, is this a million-dollar start-up idea?