Help abuse survivors immediately by enabling full-disk encryption on their device, securing their email and primary accounts with new strong passwords and two-factor authentication, removing any location-sharing features and checking for installed tracking apps, and establishing secure communications channels using Signal or Tor. Change account recovery methods, remove the abuser from all shared accounts, and document threatening communications for legal purposes. This guide provides practical implementation patterns for securing devices, communications, and accounts during the critical transition period, with actionable steps for technically-minded supporters.

Recommended password manager setup: 1.

• Create NEW master password: - never reuse any old password # 3.

Prerequisites

Before you begin, make sure you have the following ready:

• A computer running macOS, Linux, or Windows
• Terminal or command-line access
• Administrator or sudo privileges (for system-level changes)
• A stable internet connection for downloading tools

Step 1 - Immediate Threat Assessment

Before implementing any security measures, understand the common attack vectors in abusive situations:

• Shared device access: Abusers may have physical access to victim devices or know passwords
• Account recovery exploitation: Email account recovery can grant access to other services
• Location tracking: Find My features, GPS data in photos, or installed tracking apps
• Social engineering: Abusers may contact support teams pretending to be the victim
• SIM swapping: Phone number porting to seize control of authentication

The goal is creating immediate separation while building longer-term security posture. Start with the highest-impact changes first.

Step 2 - Device Hardening

Removing Tracker Access

First, audit all location-sharing settings across devices. On iOS, check Find My settings completely:

Check shared location settings via Apple ID
1. Settings > Apple ID > Find My
2. Remove any sharing with the abuser's Apple ID
3. Disable Share My Location entirely if not needed

On Android, similar checks apply for Google Location Sharing and any third-party tracking apps. Look for:

• Apps with accessibility permissions (often used for spying)
• Unknown device management profiles
• Location history enabled for timeline features

Factory Reset as Baseline

When device compromise is suspected and immediate safety is priority, factory reset provides a clean slate. However, this introduces risks, abusers may notice and escalate. Consider:

Before reset, backup ONLY essential data:
- Contact numbers (manually recreate, don't restore full backup)
- Photos to encrypted USB (then securely wipe device)
- Any documents to encrypted storage
#
DO NOT restore from iCloud/Google backup - these may contain
tracking data or software

For Android, verify the bootloader is locked after reset. Enter recovery mode and confirm:

• Bootloader status shows “locked”
• Verified boot shows “green” or “verified”

New Device Procurement

If possible, obtain a fresh device using cash or a separate payment method. When this isn’t feasible, thoroughly reset existing devices. The key principle: assume compromise until proven otherwise.

Step 3 - Account Security Implementation

Email Account Isolation

Email is the linchpin of account security. Password resets for almost every service flow through email. Create a new email account with these specifications:

New email account setup checklist:
1. Use a privacy-respecting provider (ProtonMail, Tutanota)
2. Register with phone number from new SIM (see below)
3. Enable two-factor authentication with authenticator app
4. Set up recovery email to NEW account only
5. Disable email forwarding from old account
6. Review and remove any connected devices/sessions

The new email should be used exclusively for security-critical communications. Do not link it to social accounts the abuser knows about.

Password Manager Deployment

A password manager enables unique, strong passwords for every service. For high-risk situations:

Recommended password manager setup:
1. Bitwarden (self-hosted option available)
2. Create NEW master password - never reuse any old password
3. Enable 2FA with hardware key (YubiKey) if possible
4. Export/import only critical account credentials
5. Enable vault timeout (auto-lock after 1 minute)
6. DO NOT import full old password database

For users uncomfortable with technical tools, even writing passwords on paper (stored securely) is better than reusing passwords across accounts.

Two-Factor Authentication

Move beyond SMS-based 2FA whenever possible. SIM swapping remains a viable attack:

2FA migration priority:
1. Hardware security keys (YubiKey, Titan) - highest security
2. Authenticator apps (Bitwarden Authenticator, Aegis for Android)
3. Backup codes (print, store in safe location)
AVOID - SMS verification for any security-critical account

For accounts that only support SMS, contact support to see if alternative 2FA methods are available. Some banks and financial institutions can add additional security layers.

Step 4 - Phone Number Security

Obtaining a New Number

Phone numbers serve as authentication anchors. Secure the line:

New phone number acquisition:
1. Obtain new SIM card - pay with cash if possible
2. Use new email for account registration
3. Enable PIN/PUK code protection on carrier account
4. Request port-out protection/porting freeze
5. Enable carrier-level call screening

Removing Number from Accounts

Audit accounts linked to the old number:

• Financial services (banks, PayPal, Venmo)
• Social media accounts
• Shopping sites with saved payment methods
• Government services (IRS, DMV)
• Healthcare portals

Create a systematic checklist and methodically work through each service.

Step 5 - Secure Communications

Messaging Platform Selection

Signal provides the best balance of security and usability:

Signal hardening for high-risk users:
1. Enable registration lock (requires PIN to reregister)
2. Set disappearing messages for ALL conversations
3. Disable notification previews in system settings
4. Enable screen lock within Signal settings
5. Turn off link previews (prevents metadata leakage)
6. Use Screen Security to block screenshots

For users needing anonymity, consider:

• VoIP numbers from Twilio or similar (registered to new email)
• Signal with registered VoIP number instead of primary
• Burner phones for highest-risk communications

Emergency Communication Plan

Establish communication plans before they’re needed:

Pre-arranged safety protocol:
1. Code word that indicates danger/distress
2. Trusted contact who knows the situation
3. Check-in schedule (if missed, contact initiates welfare check)
4. Physical safe location information
5. Offline communication method (written notes)

Document this plan in a secure location, not on devices that might be compromised.

Step 6 - Data Protection

Photo and File Security

Photos often contain location metadata. Before transferring any files:

Strip EXIF data before sharing/saving:
exiftool -all= -overwrite_original image.jpg
Or use ImageMagick:
convert input.jpg -strip output.jpg

For sensitive documents:

Python example - Encrypt sensitive files before storage
from cryptography.fernet import Fernet

Generate key (store securely, separately from files)
key = Fernet.generate_key()
f = Fernet(key)

Encrypt file
with open('document.pdf', 'rb') as file:
    encrypted = f.encrypt(file.read())

with open('document.pdf.enc', 'wb') as file:
    file.write(encrypted)

Cloud Account Audit

Review all cloud storage for sensitive data:

Cloud service audit checklist:
1. Dropbox, Google Drive, OneDrive - remove old devices
2. iCloud/Google backup - disable if not needed
3. Photo sharing - revoke access to ex-partner
4. Shared calendars - remove from ex-partner's accounts
5. Family sharing schemes - exit all shared arrangements

Step 7 - Ongoing Maintenance

Security isn’t a one-time configuration. Establish regular review habits:

• Weekly: Check for unknown devices on accounts
• Monthly: Review privacy settings on social media
• Quarterly: Update passwords on critical accounts
• After any concerning incident: Immediate password change on potentially compromised accounts

Troubleshooting

Configuration changes not taking effect

Restart the relevant service or application after making changes. Some settings require a full system reboot. Verify the configuration file path is correct and the syntax is valid.

Permission denied errors

Run the command with sudo for system-level operations, or check that your user account has the necessary permissions. On macOS, you may need to grant terminal access in System Settings > Privacy & Security.

Connection or network-related failures

Check your internet connection and firewall settings. If using a VPN, try disconnecting temporarily to isolate the issue. Verify that the target server or service is accessible from your network.

Frequently Asked Questions

How long does it take to someone leaving abusive relationship?

For a straightforward setup, expect 30 minutes to 2 hours depending on your familiarity with the tools involved. Complex configurations with custom requirements may take longer. Having your credentials and environment ready before starting saves significant time.

What are the most common mistakes to avoid?

The most frequent issues are skipping prerequisite steps, using outdated package versions, and not reading error messages carefully. Follow the steps in order, verify each one works before moving on, and check the official documentation if something behaves unexpectedly.

Do I need prior experience to follow this guide?

Basic familiarity with the relevant tools and command line is helpful but not strictly required. Each step is explained with context. If you get stuck, the official documentation for each tool covers fundamentals that may fill in knowledge gaps.

Is this approach secure enough for production?

The patterns shown here follow standard practices, but production deployments need additional hardening. Add rate limiting, input validation, proper secret management, and monitoring before going live. Consider a security review if your application handles sensitive user data.

Where can I get help if I run into issues?

Start with the official documentation for each tool mentioned. Stack Overflow and GitHub Issues are good next steps for specific error messages. Community forums and Discord servers for the relevant tools often have active members who can help with setup problems.

Related Articles

• Privacy Setup for Someone Hiding from Abusive Ex
• How To Use Cryptocurrency Privately Without Leaving Traceabl
• How to Use Public Computers Safely Without Leaving Any Trace
• Veterinarian Client Pet Data Privacy Protection Setup Guide
• How to Use Tails OS for Maximum Privacy Complete Setup Guide
• AI Coding Assistant Session Data Lifecycle

Built by theluckystrike. More at zovo.one