Former Tesla Autopilot Head Shares Ultimate Digital Hygiene Tips And Tricks — Andrej Karpathy's 'No Brainer' Guide To Safe And Private Computing
Andrej Karpathy, former Tesla and OpenAI executive, has released a guide on digital hygiene, providing tips to enhance online privacy and security. His recommendations include using a password manager, hardware security keys, and privacy-focused tools like Signal and Brave. He advises against using IoT devices and suggests services like Privacy.com for unique virtual credit cards. Karpathy's guide addresses the rising threats of phishing and data breaches, emphasizing the importance of protecting personal information in today's digital landscape.
Andrej Karpathy, the former Tesla autopilot head and an ex-OpenAI researcher has outlined practical steps to improve digital privacy and security, offering a clear roadmap for anyone looking to better protect their online identity.
What Happened: In a new blog post titled "Digital Hygiene" that was published on Monday, Karpathy shared a detailed guide to improving privacy and cybersecurity in everyday computing.
Here are the highlights:
Passwords, Security Keys, And Biometrics
Karpathy said that the use of a password manager like 1Password generates and stores strong, unique passwords for every service. He urges users to pair this with a hardware security key—his preferred brand is YubiKey—to secure critical accounts with a physical second factor.
See Also: Former Tesla Autopilot Head And Ex-OpenAI Researcher Says ‘Programming Is Changing So Fast’ That He Cannot Think Of Going Back To Coding Without AI
Privacy-Focused Tools
He also recommends Signal for secure messaging, Brave for browsing and searching, and NextDNS or Pi-hole to block trackers at the DNS level. Karpathy is critical of “smart” IoT devices, calling them a significant privacy risk, and encourages users to avoid them whenever possible.
Financial And Email Safety
To minimize exposure to fraud and data leaks, Karpathy suggests using services like Privacy.com to generate unique virtual credit cards per merchant, and virtual mailboxes instead of real addresses. He also advises caution with email—never clicking links and disabling image loading to avoid being tracked.
“[Signal] it does not store metadata like many other apps do (e.g. iMessage, WhatsApp). Turn on disappearing messages (e.g. 90 days default is good),” he stated.
Subscribe to the Benzinga Tech Trends newsletter to get all the latest tech developments delivered to your inbox.
— Andrej Karpathy (@karpathy) March 18, 2025I wrote a quick new post on "Digital Hygiene".
Basically there are some no-brainer decisions you can make in your life to dramatically improve the privacy and security of your computing and this post goes over some of them. Blog post link in the reply, but copy pasting below… pic.twitter.com/gRyeVouko5
Why It's Important: Karpathy's guide arrives at a time when digital threats—from phishing to data breaches—are escalating in both frequency and sophistication.
According to data from Statista, social media platforms were the primary target of phishing attacks worldwide in the third quarter of 2024, accounting for 30.5% of incidents. Web-based software services and webmail followed closely, making up 21.2% of reported attacks.
Meanwhile, financial institutions were also heavily targeted, representing 13% of phishing attempts during the period.
Photo by TierneyMJ on Shutterstock
Check out more of Benzinga’s Consumer Tech coverage by following this link.
Read Next:
- Cloudflare Launches Cloudforce One And Security Posture Management For Real-Time Threat Response
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
