5 Common-sense security measures

1: Get a Credit Freeze.

If you’re a US citizen or resident with a Social Security number, this is the lowest-hanging fruit for you.

A credit freeze - according to the FTC - restricts access to your credit report, which means you — or others — won’t be able to open a new credit account while the freeze is in place. You can temporarily lift the credit freeze if you need to apply for new credit. When the freeze is in place, you will still be able to do things like apply for a job, rent an apartment, or buy insurance without lifting or removing it.

In other words, your credit, in the United States, is open by default, but you can go to each of the three major credit bureaus’ websites, open an account, and freeze your credit. And this is free to do. Until a few years ago you had to pay something, but that changed around 2018 and it’s completely free now. It adds a little bit of complexity because each time you need a credit check run, you’ll have to go to that bureau and unfreeze your credit before it can be run.

I’m always shocked when someone doesn’t have a credit freeze in place. I’ve had one for a decade, and this is something you can set up before I even finish this podcast.

2: Get a password manager

You should not know any of your passwords.

Because every password should be randomly generated and as long as is allowed by that particular service.

The password for every single online account you have should be unique, meaning you don’t use the same password twice.

And the easiest way to do this is with a password manager that can keep track of everything for you and generate those passwords.

There’s a great free and open-source one called Bitwarden. You can get the app on your phone or in your browser as an extension.

3: Encrypt any sensitive information you put on the cloud

If you store anything like medical information or financial information on the cloud, be sure to put it in an encrypted container before uploading it.

If you don’t, you should assume that Google or Microsoft or whoever your host is, is training their next AI models on your data and that whatever you put there is accessible by their employees and the employees of every intelligence agency.

Use something like VeraCrypt - which is another free and open-source tool - to encrypt your data before storing it or sending it anywhere.

4: Change the default password on your wifi router

Manufacturers are getting better about not shipping wifi routers with default passwords in favor of randomly generated ones but just in case, you should never use the manufacturer’s password. Whenever you get a new router, go into the router’s settings and update it to something custom and ideally randomly generated.

5: Use 2FA whenever possible and not text verification.

For all of your bank accounts and important online accounts, set up two-factor authentication using a third-party authentication app - ideally a free and open-source one. These apps generate random codes every 60 seconds that you have to input in order to access your account. Have one or two backups of this app on other devices in case you lose your primary device.

Where possible, do not use text messages as a form of 2FA because SIM cards can easily be spoofed and, if you ever lose or change your number, you’ll be in trouble.

