Quick Start Guide to OpSec

Here are 7 key steps that can help mitigate hacking, data loss and account takeover. They are reviewed in more detail on the following pages.

01/

Update Your OS

This applies to Windows, Mac OS X and Linux. Make sure you have the latest OS patches, which include security fixes for the latest CVEs. Also make sure your mobile devices are running the latest release.

02/

Review Your Password Habits

For many people, this is their biggest vulnerability. Passwords that are too simple to guess and reuse of the same password are all-too-common practices that can make account takeover easy for someone looking for an easy target. Learn how to create good passwords and use a password manager.

03/

Use 2FA on Every Account

Two-factor authentication (2FA) is critical to good OpSec. You should enable it for every account that offers it. It adds an extra layer of protection to prevent unauthorized access to your accounts. SMS and TOTP (Time-based One-Time Password) are the two most common methods.

04/

Is Your Phone Number Secure?

Once cell phone companies allowed you to port over your existing number to a new carrier, your cell number became synonymous with your identity. Although it was never intended that way, your number became part of the user authentication process, which is now easy to exploit through SIM Swapping. 

05/

Picking a Secure Browser

Most browsers and browser settings default to convenience rather than security. Knowing which browsers focus on privacy, and knowing how to go into the settings tab and adjust advanced features, goes a long way toward helping your browser keep you safe online. Adding key extensions will protect you from unwelcome and unwanted trackers.

06/

Secure Home WiFi and VPNs

Did you research which cable modem and WiFi router to buy, or did your internet provider set it up for you? Is the firmware up to date? Knowing how to secure your home system and when to use a VPN are important steps to securing your digital life.

07/

"Don't Trust, Verify"

When you download a program from the internet, do you know how to validate its authenticity? It's easier and more efficient for an attacker to replace a program with malware than to try to hack you personally. Free or paid, Open Source or proprietary, every program has a cryptographic hash and signature that you can validate. 

CVEs are Common Vulnerabilities and Exposures. A zero-day exploit is a hack that is released into the wild before a software vendor has a chance to create a patch. Check out BleepingComputer to stay up to date on breaches.

1Password is a great multi-platform subscription password manager. 

Bitwarden and KeePassXC are open source, highly rated and have a free option.

SMS 2FA is a service you should enable when creating an account with a financial institution or anywhere you create an account online. If they offer TOTP, that's better. You can even use a physical key like a YubiKey for added security.

For convenience, mobile carriers make it easy to port your number over from one vendor to another. For security, that's a nightmare.

Efani is a company that prevents the dreaded SIM swap attack.

Simply put, Firefox and Brave browsers are putting privacy first. There are countless articles pitting the different browsers against each other. 

For my money, Firefox plus Startpage search engine is a winning combination.

If you do online banking, your home network needs to be secured properly. Few routers automatically update their firmware, and that puts you at risk without knowing it.

"Don't Trust, Verify" is Blockstream.com's slogan and it's aptly suited for personal privacy. SHA256 hashes and GPG cryptographic signatures are 2 ways you can learn to validate that your downloads are from the original developer
