Most people set up a backup once, feel safe, and never check it again. Then the drive dies. Or ransomware encrypts everything. And the backup turns out to be empty, corrupted, or three years old.

A backup you've never restored is a guess, not a safety net. Here are six mistakes I see beginners make — and the fix for each.

1. Keeping the backup on the same machine

You copy your photos to a second folder on the same server. That's not a backup. When the disk fails, both copies die together. So does ransomware that walks every mounted folder.

Fix: Follow the 3-2-1 rule. Three copies, two different devices, one off-site. A cheap external USB drive counts as device two. A friend's house or an encrypted cloud bucket counts as off-site.

2. Never testing a restore

This is the big one. People assume the backup works because the job says "success." Then the day they need it, the archive is corrupt or missing half the files.

Fix: Once a month, restore one random file to a temp folder. Open it. If it works, you're fine. Put a reminder in your calendar.

3. Backing up without encryption

You ship your data to a cloud bucket or a friend's NAS. If it's not encrypted, anyone who touches that storage reads your tax documents and family photos.

Fix: Use a tool that encrypts before upload. Restic and Borg both do this. Your password never leaves your machine, and the remote sees only scrambled blocks.

4. No versioning

You sync your files nightly. Then you notice a file got corrupted last week — and your sync faithfully copied the corruption over the good version. Same problem with ransomware: it encrypts, your sync overwrites the good backup.

Fix: Use snapshots, not plain sync. Borg and Restic keep daily, weekly, and monthly versions. You can roll back to before the damage.

5. Forgetting the database

You copy the folders for your self-hosted apps but skip the database. When you restore, the app launches with zero data — all your notes, posts, or contacts gone, even though the files looked fine.

Fix: Dump databases to a file before backing up. For Postgres: pg_dump. For most container setups, add a small script that runs the dump first, then backs up the output.

6. Trusting a single cloud account

You rely on one provider. Then they suspend your account over a billing glitch, and you're locked out of everything at once.

Fix: Spread copies across two destinations. One local, one remote. Never let a single login control all your data.

The one thing to do today

Pick your most important folder — photos, documents, whatever you'd cry over. Copy it to an external drive right now. Then unplug that drive. That single offline copy beats the most elaborate backup plan you keep meaning to build.