Home cybersecurity & privacy, parceled into plain lots you can actually build on — passwords, two-factor, VPNs, backups, and the threats that come knocking. No jargon. No fear-selling.
The four corners every digital household should pour first. Do these and you have already shut out most of the street.
Stop reusing passwords. Use Bitwarden (free, open source), 1Password ($3/mo), or Dashlane ($4/mo). Generate unique 20+ character passwords for every site. You only memorize one master password. This single step prevents 80% of breaches.
Enable 2FA on everything: email, banking, social media. Use an authenticator app (Authy or Google Authenticator), not SMS (SIM swapping is real). Hardware keys (YubiKey, $50) are the most secure option. Prioritize: email first, then financial accounts.
Update your OS, browser, and apps immediately when patches are released. Most attacks exploit known vulnerabilities that already have patches. Enable auto-updates everywhere. Yes, it's annoying. Being hacked is worse.
3-2-1 rule: 3 copies of your data, on 2 different media types, with 1 offsite. External hard drive ($60-100) + cloud backup (Backblaze $7/mo or iCloud/Google One). Test your backups by actually restoring files. Backups you can't restore are worthless.
What the neighbors — and the data brokers — get to see is up to you. Draw the blinds.
A VPN encrypts your internet traffic and hides your IP address. Mullvad ($5/mo): No account needed, pay with cash. ProtonVPN (free tier): Swiss privacy. NordVPN ($4/mo): Largest server network. Use on public WiFi always. Not a silver bullet but an important layer.
Brave: Blocks ads and trackers by default. Chromium-based. Firefox + uBlock Origin: Customizable privacy. Tor Browser: Maximum anonymity (slower). At minimum: use a browser with an ad blocker. Safari's Intelligent Tracking Prevention is decent on Apple devices.
ProtonMail (free tier): End-to-end encrypted, Swiss-based. Tutanota (free tier): German, open source. For most people: enable 2FA on your existing Gmail/Outlook and use encrypted messaging (Signal) for sensitive conversations.
Review app permissions (location, camera, microphone, contacts). Delete apps you don't use. Use Signal for messaging. Disable ad tracking (iOS: Settings > Privacy > Tracking. Android: Settings > Privacy > Ads). Consider a privacy screen protector.
Most break-ins are not technical — they are someone talking their way in. Learn the knock.
90% of breaches start with phishing. Check the sender's actual email address (not display name). Hover over links before clicking. No legitimate company asks for passwords via email. When in doubt, go directly to the website, don't click the link.
Hackers exploit human psychology, not just technology. They create urgency ('your account will be closed'), authority ('this is the IRS'), and fear. Verify independently: call the company using the number on their website, not the number in the message.
Never do banking or enter passwords on public WiFi without a VPN. Prefer your phone's hotspot. If you must use public WiFi, verify the network name with staff (fake 'Free WiFi' networks are common). Use HTTPS sites only.
Check if your email has been breached at haveibeenpwned.com. If breached: change that password immediately (and everywhere you reused it). Enable 2FA. Consider a credit freeze at all three bureaus (free). Monitor your credit report at annualcreditreport.com.