That seems way overkill for daily use. I personally only take 3 or 4 measures most of the time, then beef it up when I need to. I use HTTPSEverywhere to force encryption to most sites where I have profiles. I use GoogleSharing not because I really need to, but to support the project. When out of the house, I have arp-spoof detection running just in case. Finally, I sometimes will use a proxy if I'm not interested in showing up in logs for any reason.
For the times when I really need it, I find that the TOR bundle works nicely. A determined person with sufficient resources will be able to get to you given enough time, but TOR is safe enough in most cases that you don't need to worry.
As for the authentication thing, that is most likely due to your privacy settings. We use various checks to make sure you're the same person that you claim to be, so doing anything with cookies or scripts might possibly invalidate that.
Assume that everything I say is or could be a lie.