Start here
Fundamentals
Threat modeling for normal people, the vocabulary you need, and a plain-English tour of what "safe" actually means when it comes to your files.
Authentication: why your password is not the fence you think it is
A password is a guess gate, not a fence. A practical guide to the layers that actually keep attackers out of your document accounts — multi-factor, hardware keys, passkeys, and the account-recovery flow almost everybody forgets about.
Level: beginner
Threat modeling for normal people
You can't defend your documents until you know who you're defending them from. A practical, low-jargon guide to writing your first threat model.
Level: beginner
The CIA triad, explained without jargon
Confidentiality, Integrity, Availability. Three words that define what 'secure' actually means — and why your document problem is usually just one of them.
Level: beginner
The copy problem: why digital documents multiply, and what that means for security
Paper sits in one place. Digital documents do not. Every edit, every sync, every backup, every preview makes another copy. Security thinking that treats a file as a singular object fails — here's how to think about it instead.
Level: beginner
What is metadata, and why it often leaks more than the file itself
You redacted the sensitive text in a Word document and sent the PDF. Turns out the Word document's tracked changes went with it. A practical tour of the metadata that rides along invisibly on the files you share.
Level: beginner
Security is a practice, not a product
Setting up MFA, encrypting your disk, and running a password manager once is not the end of the story. Accounts drift, software rots, vendors change. Here's what maintenance actually looks like — and the annual rituals that separate real security from a snapshot.
Level: beginner
The supply chain of trust behind every document you store
When you save a PDF to Drive, you're trusting more than Google. The full chain runs through your operating system, your browser, your network, certificate authorities, and every software update that touched your device. Learning to see it is the difference between reasoning about security and guessing.
Level: intermediate