OPSEC for Beginners: Protect Your Identity & Data

Learn practical OPSEC to reduce your digital footprint, prevent doxxing, and build safer online habits.

Journalists, activists and online creators are not average users. You attract attention, you handle sensitive information and your risk is higher than most. This course gives you a practical digital security playbook designed for people like you, not a generic "do not click bad links" lecture.

You will lock down accounts, harden devices, clean up your online footprint, secure your files with real encryption and reliable backups, and prepare for travel, border crossings and harassment scenarios.

We start with threat modeling and a quick self-assessment so you know what actually matters for your life. Throughout the course you’ll follow three concrete personas:

• Anna - The creator dealing with stalkers, hacked accounts, and doxxing

• Ben - The journalist handling sources, leaks, and hostile environments

• Omar - The activist facing surveillance, targeted phishing, and device seizure

Using their stories, you’ll build your own threat model and security plan step by step.

From there, we move into concrete actions:

• Set up a password manager and strong 2FA correctly so one breach does not wreck your entire life

• Separate identities and inboxes with better account hygiene and email aliases

• Harden your phones and laptops with practical settings, full disk encryption and sane app choices

• Improve browsing and search privacy with safer defaults and privacy focused tools

• Choose and use secure messaging such as Signal or Session based on real world threat tradeoffs

• Share files safely with tools like OnionShare, local transfers or privacy friendly one time links instead of random cloud drops

• Understand how metadata leaks from photos and documents and strip it with tools such as exiftool or safe document conversion

• Build encrypted backups that you can actually restore using a workflow that goes beyond "dump to USB and hope"

• Prepare for travel and border risks, including what devices to carry, what to leave, burner devices and accounts, and how to plan for device searches

• Create a simple incident response plan so you know exactly what to do when something goes wrong
  

By the end of the course you will be able to:

• Create a realistic personal threat model and prioritize what to fix first

• Secure accounts with a password manager, strong 2FA and identity separation

• Harden phones and computers against common attacks and basic forensic capture

• Recognize and avoid phishing, social engineering and common scam patterns

• Browse, search and communicate with safer defaults and less data exhaust

• Use private messaging and file sharing tools that match your risk profile

• Remove or reduce metadata leaks from images and documents before sharing

• Encrypt important data, verify backups and restore them under stress

• Handle travel and border scenarios with a clear, pre planned strategy

• Follow a written incident response checklist and maintain a personal security runbook
  

Who this course is for:

• Journalists and media workers who handle sources, leaks or sensitive investigations

• Activists, NGO staff, community organizers and researchers who face surveillance or harassment

• Online creators, influencers and freelancers who are tired of worrying about hacked accounts and doxxing

• Security conscious professionals who want real, applied digital security instead of certification prep

You do not need a deep technical background. If you can follow instructions and are willing to change a few habits, you can finish this course with a concrete written plan and a security setup that finally matches the risks you face.