Andrej Karpathy, the former Tesla autopilot head and an ex-OpenAI researcher has outlined practical steps to improve digital privacy and security, offering a clear roadmap for anyone looking to better protect their online identity.
What Happened: In a new blog post titled "Digital Hygiene" that was published on Monday, Karpathy shared a detailed guide to improving privacy and cybersecurity in everyday computing.
Here are the highlights:
Passwords, Security Keys, And Biometrics
Karpathy said that the use of a password manager like 1Password generates and stores strong, unique passwords for every service. He urges users to pair this with a hardware security key—his preferred brand is YubiKey—to secure critical accounts with a physical second factor.
Privacy-Focused Tools
He also recommends Signal for secure messaging, Brave for browsing and searching, and NextDNS or Pi-hole to block trackers at the DNS level. Karpathy is critical of “smart” IoT devices, calling them a significant privacy risk, and encourages users to avoid them whenever possible.
Financial And Email Safety
To minimize exposure to fraud and data leaks, Karpathy suggests using services like Privacy.com to generate unique virtual credit cards per merchant, and virtual mailboxes instead of real addresses. He also advises caution with email—never clicking links and disabling image loading to avoid being tracked.
“[Signal] it does not store metadata like many other apps do (e.g. iMessage, WhatsApp). Turn on disappearing messages (e.g. 90 days default is good),” he stated.
Subscribe to the Benzinga Tech Trends newsletter to get all the latest tech developments delivered to your inbox.
Why It's Important: Karpathy's guide arrives at a time when digital threats—from phishing to data breaches—are escalating in both frequency and sophistication.
According to data from Statista, social media platforms were the primary target of phishing attacks worldwide in the third quarter of 2024, accounting for 30.5% of incidents. Web-based software services and webmail followed closely, making up 21.2% of reported attacks.
Meanwhile, financial institutions were also heavily targeted, representing 13% of phishing attempts during the period.
Photo by TierneyMJ on Shutterstock
Check out more of Benzinga’s Consumer Tech coverage by following this link.
Read Next:
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
