Complete OPSEC & Emotional Wellness Checklist

For Those Who May Be Compromised (Or Just Need Peace of Mind) By Liz Howard, Professor & Red Team Specialist, The Multiverse School


๐Ÿง  CRITICAL: Read This First

You cannot do good cybersecurity from panic brain. When you're scared, your prefrontal cortex shuts down. You'll skip steps without realizing it. Even seasoned professionals miss things when panicked. This is why we use checklists.

The #1 Rule: Slow is smooth, smooth is fast.


๐Ÿ“ Phase 0: Emergency Grounding (Do This NOW)

If you're reading this in a panic:

  1. Stop what you're doing with your devices
  2. Go somewhere physically safe (not your usual spots)
  3. Take 5 deep breaths: 4 seconds in, 7 hold, 8 out
  4. Call ONE trusted person and say:

    "I need emotional support while I work through a potential security issue. Can you just be on the phone with me for a bit?"

Quick Panic Management Chart

If you feelโ€ฆ Do this firstโ€ฆ
Heart racing, can't think Box breathing: 4-4-4-4 (in-hold-out-hold)
Paranoid, seeing threats everywhere Name 5 blue things you can see
Frozen, can't move Wiggle your toes, then fingers, then shoulders
Racing thoughts Write down 3 things on paper
Crying/overwhelmed Let it out, then splash cold water on face

โš ๏ธ Quick Check: Do you need the Domestic Violence Cybersecurity Guide instead of this one? It has special steps.


๐Ÿ” Phase 1: Reality Check & Assessment

Before assuming compromise, check these innocent explanations:

Document everything (on paper):


๐Ÿ›ก๏ธ Phase 2: Immediate Protective Actions

Do these from a calm state. Take breaks between steps.

A. Network Isolation (Stop the Spread)

B. Account Triage (Protect the Important Stuff)

Call from a friend's phone or landline:

  1. Bank (for each account):
  2. [ ] Set up verbal password
  3. [ ] Ask: "Have there been any access attempts?"
  4. [ ] Say: "No changes without verbal password"

  5. Phone Carrier:

  6. [ ] Ask: "Any SIM changes in last 30 days?"
  7. [ ] Set up account PIN/verbal password
  8. [ ] Confirm your phone number hasn't been ported

  9. Email Provider (from public computer):

  10. [ ] Check recent sign-ins
  11. [ ] Look for forwarding rules
  12. [ ] Check authorized apps
  13. [ ] Enable 2FA with NEW phone number if needed

๐Ÿ”ง Phase 3: Systematic Cleanup

A. Establish Clean Communication

From a library/public computer:

  1. [ ] Create new email at ProtonMail
  2. Use a completely new password pattern
  3. Don't access from your devices yet
  4. Write password on paper

  5. [ ] Set up Signal on ONE clean device

  6. Use new phone number if very concerned
  7. This is your secure communication line

B. Device-by-Device Reset

One device at a time, while OFF network:

For Phones:

For Computers:

For Routers:


๐Ÿ” Phase 4: Rebuilding Security

A. Password Strategy

The Paper Method (Yes, really):

  1. [ ] Get a notebook that stays with you
  2. [ ] Create 4 password categories:

  3. [ ] Use "correct horse battery staple" method

  4. [ ] Write clearly, note capitals
  5. [ ] After 30 days, transition to password manager

B. 2FA Hardening

C. Ongoing Hygiene


๐Ÿง˜ Phase 5: Mental Health Maintenance

The Compromise Perception Gap

It's real: After one compromise, EVERYTHING feels like hacking. Your printer jams? Hacking. App crashes? Hacking. This hypervigilance is exhausting and counterproductive.

Healthy Practices:

  1. Reality Testing:

  2. Support Network:

  3. Scheduled Worry Time:

  4. Professional Help:


๐Ÿšจ When to Escalate

You might have a real problem if:

Resources:


๐Ÿ’ช Remember:


Final Thoughts

Security is a practice, not a destination. Even professionals get compromised sometimes. What matters is how you respond. By following this checklist, you're already ahead of 99% of people.

Stay safe. Stay human. You've got this.


Contact: liz@themultiverse.school | https://themultiverse.school Private support calls: https://jitsi.themultiverse.school

Version 1.0 - Last Updated: May 2025