OPSEC Bible 2022 | Become Invisible Online

  1. Avoid weak passwords, reusing the same password(s), or using identifying information in your passwords. You should also use a password manager such as KeePassXC (https://keepassxc.org/). It is also highly recommended to change your router password from its default and to use fake security questions on all accounts.

  2. Enable 2FA whenever possible, but try to avoid SMS verification. Always opt for a local authenticator app like Tofu or Aegis.

  3. Disable Google tracking and such in Google’s My Activity page: (https://accounts.google.com/signin/v2/id…rviceLogin)

  4. Scrub your personal or identifiable emails off the surface net. This means every single site you’ve ever registered on that you can remember. It’s helpful to view a list of common sites (https://backgroundchecks.org/justdeleteme/) or just open all of your messages in your inbox, go to that site, opt out of their list and change your personal information to something fake before you delete your account.

  5. Delete all social media. ALL OF IT. Facebook, Instagram, Twitter, YouTube, Snapchat, TikTok – not only are these some of the most compromising elements in your OPSEC but trust me your life will be better without them. They are also the number 1 thing someone will use when trying to dox you.

  6. Never use SMS for communication. You need to be using end-to-end encryption with as little tracking as possible for your communication WHENEVER POSSIBLE. Signal works great (https://signal.org/en/).

  7. Disposable emails for signups are self-explanatory. GuerrillaMail is a favorite (https://www.guerrillamail.com/).

  8. Use a privacy-respecting browser such as Tor. No, Tor is not just for browsing DNMs; you can use it for anything. You can also use something like Firefox if you go into the settings and customize all security and privacy features. Check my posts for a guide on how to do this.

  9. Use a privacy-respecting search engine. DuckDuckGo is popular but Startpage will give you the same results as Google without all the tracking.

  10. On your phone, be sure to disable analytics and telemetry data, check all permissions for each app, and always deny location sharing.

  11. Use a VPN! There is no reason to avoid this step and it is so crucial. It’s not going to keep you completely safe but it’s easy to just flick it on and get your extra layer of privacy at all times. The only VPN I would recommend is Mullvad as they are high quality, allow anonymous accounts and do not keep logs unlike other VPNs. (https://mullvad.net/en/)

  12. Ensure your apps and software are all auto-updating. This will decrease vulnerabilities in your system.

  13. Be sure to frequently delete old logs, unused apps, temporary data, and anything that is no longer of use or collecting dust on your devices. BleachBit is handy for this step (https://www.bleachbit.org)

  14. BACK EVERYTHING UP! I recommend getting a hard drive to keep your backups on, as cloud storage is a point of failure for your OPSEC most of the time.

Happy learning!

11 Likes

Very helpful post. Can you put a reference link on the 8th tip on customizing all Firefox settings and privacy features?

1 Like

This is a great post. Keep it up, OP.