While being remotely monitored you are at the mercy of another group of humans who do their best to keep tabs on you. The capabilities they have include:
- Co-processing internal monologue and complex thoughts
- Feeling of body state, such as how many fingers are being held up and emotion
- Seeing through your eyeballs as if they were the ones physically there
This just describes the information they get from you, they also have the capability to slip in words or phrases and emotions. If you process something in your own internal monologue voice by them slipping something in, you may not even realize it is happening unless it is so far outside what you would ordinarily think that you have a visceral reaction to it.
They can also make you process phrases with another person’s internal monologue voice which was immediately obvious to me. On top of that, they can make your own responses that you formulate in your head sound like another person’s internal monologue voice. So, in your head, it sounds like you are thinking in another person’s voice. They like to make the voice sound deep and official at times, which I have to admit- I see it fooling a lot of people who have this happen to them with no warning or explanation. The FBI or NSA would never ask you to go reveal secret passwords or keys remotely through your head to verify that you are not participating in criminal activity.
Keeping all this in mind, when you think your password to type it in- you are literally feeding it to them character by character. Same happens with your debit card numbers and pin codes. The only good solution I see here is to keep your card locked at all times, and only unlock when making purchases, then relock immediately.
I figured this out relatively quickly myself and was able to regain control of my main accounts. I generated new passwords with KeePass for each account and changed them one by one. I happen to know the laptop I carry with me doesn’t have a keylogger or clipboard stealer.
A warning about two-factor authentication
When you enable two-factor authentication on some services, it shows on your screen secrets that can be immediately used by the people monitoring you to get into your account. I wish more services would hide this by default and only show it after a proper warning. For myself, it is more secure to keep two-factor authentication disabled on services that do this and just use the most complex password possible. I have played a game of keeping the secret off the screen juggling windows around, but this is extremely complicated and risky.
A quick guide to using KeePass to keep accounts secure
Download and install KeePassXC – https://keepassxc.org/
If you are a complete beginner, please read the documentation on their website to learn more about what KeePassXC is and how it works.
Do some research and figure out how long and complex you can make the password for the service you are using. I’ll show my research for google accounts as an example.
Maximum Password length is 100 characters
Allowed characters include all ASCII characters
Be careful to never accidentally hit the 
icon. That includes on the websites as you sign in.
Now the people monitoring you would have to get your KeePass database to get into your account. I recommend a YubiKey static password for securing your KeePass database if stored on a cloud service. I keep my database on my laptop only and it goes with me even on walks outside.