The Impenetrable Fortress

Hello Internet, in this writing we are going to talk about cybersecurity. Firstly let's begin with the word cyber which means the Internet and computer, everything related to it. And the second word security, well we all know that one already. Combining the two: the branch of computer science that deals with the security of computers and the Internet is Cybersecurity.

The Hook

And it turns out that we are terrible at it. We were not taught how to be safe with the technology we use every single day. But today I'm here to fix that. By reading this writing you will be able to understand the foundation of cybersecurity, tips and suggestions on how to stay safe. Think of them as the do's and don'ts of the Internet. And if it becomes incomplete, we will try to add the remaining things in the next writings. Before we begin!

The Background

Most people think cybersecurity is either:

1) A hacker in a hoodie typing very fast, or

2) A problem for "important people."

Meanwhile, the real world is way more boring and way more dangerous.

Most attacks are just someone catching you on a bad day. You're tired, you're busy, you see an urgent message, you click, you type, you approve. That's it. No movie scene. Just one small mistake that snowballs.

So the goal here is not to become unhackable (oh you wouldn't wanna challenge them). The goal is to become annoying to hack.

The Illusion

The biggest lie we tell ourselves is:

"I'm not a target."

You don't need to be famous. You just need to be logged in.

Your accounts, your photos, your email, your chats, your cloud storage, your socials, your documents. That's your digital identity. And losing it feels like someone broke into your house and rearranged your life, but digitally.

The Deep Dive (Here's the nerdy part, but simplified)

Below are the practical habits that give you the most security for the least effort. If you do only a few, do the bold ones first.

1) Lock the front gate: passwords + MFA

• Enable MFA whenever possible. Yes it's a little annoying at first. That annoyance is the sound of attackers suffering.
• Don't rely heavily on SMS OTPs for important accounts. SIM swapping cases are real. If SMS is your only option, it's still better than nothing. Just don't treat it like a god-tier shield.
• Use an authenticator app / offline code generator when available. Less dependent on your phone number.
• Use passkeys where available. It's one of the best "set it and forget it" upgrades you can do.
• Never share OTPs with anyone. The name literally has "password" in it. Why are we sharing passwords now?
• Use long passwords and long PINs. Size matters here, unfortunately for all of us.
• If something feels suspicious, take 5 minutes and change the password. You do not want to gamble your digital identity on "it's probably fine."

2) Don't talk to sketchy websites (HTTPS is the minimum)

• Don't enter sites that don't support HTTPS. That little extra "s" is the difference between "secure" and "why is my data traveling naked."
• If you use an unsecured site, your connection can be intercepted, and sometimes even manipulated, depending on the situation.

If the whole world moved to secure communication, why are we still willingly having insecure conversations with servers?

3) Phishing: the real final boss

• Double check links, even if they come from friends. Accounts get compromised, and then "your friend" becomes a delivery system for scams.
• If someone is asking urgently for something in DMs, especially money, credentials, or link-clicking, verify through another channel. Ask for a voice message, video call, or even meet physically if possible.
• Learn to recognize URLs so you don't get cooked by lookalikes. Example energy: microsoft.com vs rnicrosoft.com. Your eyes will betray you. Train them.

And yeah, people might call you paranoid. Let them. You'll be paranoid with your accounts intact.

4) The "verification ritual" (the one tip nobody tells you)

Make a deal with your close people:

If I ever message you asking for something urgent, or asking you to click something, or asking for money, you will ask for verification.

Your ritual can be simple:

• A voice note
• A quick call
• A "code word"
• A weird question only the real person would answer naturally

This is not "extra." This is how you stop impersonation scams without becoming a detective full-time.

5) Public devices: don't leave your keys in someone else's house

• Don't use your credentials on public devices (school/college labs, shared computers, random friend's phone "just for a second").
• If you absolutely must, then at minimum: log out properly, remove your account from the device, and clear saved logins.

Treat shared devices like public bathrooms. Use if needed, but don't get comfortable.

6) Updates and patches (boring, but it's armor)

• Updating your operating system and installing security patches is a good decision.
• The more valuable data you have, the more important regular updates become.
• For normal users, it's okay to be smart about it: phones and most apps, update regularly. Major OS updates, don't ignore them forever, but it's fine to wait briefly if you're worried about instability.

Updates are not companies "adding features." Often they're plugging holes attackers already know exist.

7) Downloads: don't install your own downfall

• Do not download suspicious files and applications from unverified sites or random stores.
• If you really want to download something: scan it on VirusTotal, test it on an old phone, virtual machine, or cloud phone if you can.
• Be skeptical about granting anything "admin" access. That one approval can change a lot, instantly.

If a download feels even slightly shady, your best move is not bravery. It's closing the tab.

8) Antivirus: yes, you should have one (and no, you don't need to pay)

• Enable antivirus. On Windows, built-in protections like Windows Defender are genuinely solid.
• You don't need to buy a fancy suite if you're following the basics here.

Antivirus is not a replacement for good decisions. It's a seatbelt, not self-driving.

9) Public Wi-Fi: assume it's hostile

• On risky networks (public Wi-Fi), use a VPN to encrypt your traffic and protect privacy.
• Avoid doing sensitive logins when you don't have to.

Public Wi-Fi is convenient. So are open windows on the ground floor.

10) Privacy: create data consciously

• The more data you create, the harder it is to manage, and it doesn't disappear easily.
• Don't casually post: your location, phone numbers, personal routines, or sensitive details that could help someone impersonate you.

Threat actors love public info because it helps them craft personalized social engineering. And personalized scams are the ones people fall for.

11) Backups: the lifeboat you only appreciate during the shipwreck

• Back up your data monthly or every 3 months.
• It feels like extra work until the day you need it, and then it becomes the most romantic thing you've ever done for yourself.

Backups are not for "if." They're for "when."

12) Teach your people

• Share these tips with friends and family, especially non-tech folks. They're often targeted the hardest.
• If something severe happens, don't try to be the hero. Suggest they contact a local cybercrime unit / cyber bureau / cybersecurity consultant (whatever applies in their area).

Security is a team sport whether we like it or not.

The Analogy

Think of your digital life like a fortress.

You don't need laser turrets and dragons. You need:

• a strong gate (MFA)
• guards who don't get tricked (phishing awareness)
• walls that get repaired (updates)
• a panic room (backups)

Most people don't get hacked because their fortress was weak.

They get hacked because they opened the gate for a stranger who said, "hey bro, trust me."

The Question

What's one account you'd cry over if you lost it today?

Start there.

The Problem

The internet rewards speed and convenience.

And attackers love that.

They don't need you to be dumb. They just need you to be rushed. They need you to click once, approve once, share once, delay one password change, trust one "urgent" message.

Obviously I'm not saying you should live in fear and never click anything again. That would be exhausting. I'm saying your default mode should be: verify first, then act.

The Solution

Your impenetrable fortress is not a product you buy. It's a few habits you keep.

If you do nothing else:

• enable MFA
• stop trusting random links
• don't log in on public devices
• update your stuff
• back up your data
• verify urgent DMs with a ritual

That's it. That's the fortress.

The Conundrum

Sometimes being "too secure" can make you so annoyed that you turn features off.

So the real win is finding a setup you can actually maintain.

The Conclusion

Online safety is not about being perfect. It's about being consistent.

Most people don't need advanced cybersecurity. They need a handful of basic practices done reliably, like brushing teeth, but for your digital life.

Your goal is not to become a security expert overnight.

Your goal is to make your accounts harder to steal than the next person's, and to make sure that even if something goes wrong, you can recover fast.

The Actionables

The things that you can do right now:

• Turn on MFA for your most important accounts today (email first, then social, then everything else).
• Adopt a verification ritual with your close circle (voice note, call, code word) for urgent requests.
• Back up your data once a month or once every 3 months, then thank yourself later.
• Stop logging in on public devices, and if you must, log out and remove your data immediately after.
• Switch away from SMS OTP for critical accounts when possible, use an authenticator app instead.
• Treat suspicious links like expired milk, don't "just taste it to check." 😭
• Dont create unnecessary data on the internet it never truly fades.

Share Your Take

If you've got a scam story, a close call, or a tip that saved you, drop it here. I genuinely want to hear it.

That's a wrap on The Impenetrable Fortress. If you made it this far, I genuinely appreciate your time and patience; it means more than you think. Feel free to check out the other writings if you haven't already, or come back later when there's something new cooking.

Thank you so much for reading and visiting. Your support keeps this corner of the internet alive. Until next time, stay curious, stay kind, and keep your fortress standing. If you want to add something, feel free to send a message here.