This article refers to Opera versions 15 and onwards (the ones based on Chromium). If you want to make the older 12.x (Presto-based) version more secure, read the Securing Opera 12.x article instead.
Open Opera settings by clicking the big red O button in the top left corner and clicking Settings. Alternatively, use keyboard shortcut ALT+P for this.
Those who require extra security from drive-by-attacks and are fine with additional clicks to enable browser plug-ins (such as Java or Adobe Flash Player) should open Websites tab on the left and select Click to play from the Plug-ins section.
This feature prevents hidden malware on infected or malicious web pages from launching automatically. Click-to-play can always be customized on per-site basis using the Manage exceptions button.
This means that all plug-ins on web pages are replaced with a clickable play button and "Click to run <plug-in name>" text as displayed in example below.
Scroll down the settings list and make sure that Do not allow any site to show pop-ups (recommended) is selected in the Pop-ups section.
Then select Do not allow any site to track my physical location in the Location section to disable sneaky geolocation features.
Click Privacy & security tab on the left.
Those very concerned about their privacy can clear the Use a prediction service to help complete searches and URLs typed in the address bar, Predict network actions to improve page load performance and Automatically send usage statistics and crash reports to Opera check boxes. These options send anonymous data about your behavior and browsing habits to Opera.
Always tick the Send a 'Do Not Track' request with your browsing traffic check box to prevent advertisers from storing and using your browsing habits.
Scroll down the list and clear the Offer to save passwords I enter on the web check box in Passwords section. Never use browsers for storing passwords - these are the first thing that any malware steals and decrypts! Install free Password Safe for storing and auto-filling credentials instead.
Finally, there's the Cookies section. Those extremely privacy-concerned, can activate the Keep local data only until I quit my browser and Block third-party cookies and site data options.
But remember, some sites may not work properly if using these options - never enable the two settings above in case you are using two-factor authentication schemes on sites like Google, Dropbox, Facebook, Twitter, Linkedin, Microsoft, Yahoo, etc!
For 2-step authentication or normal browsing, enable only the Allow local data to be set (recommended) option here.
That's it - close the Settings browser tab to return to Opera.
To run your browser even more securely and protect it from zero-day attacks, use the free Microsoft EMET.