Use strong, unique passwords for every account
Reusing one password across sites is like using the same key for your house, car, and office – if one gets lost, all your doors are open. Make sure every account has a different, complex password. Yes, it’s a hassle to remember them all – which brings us to…
Use a Password Manager
A password manager is basically a secure vault for all your login credentials, so you only have to remember one master password (or use biometrics). It will generate and store crazy unique passwords for you. If you’re thinking, “Can’t I just let my browser save them?” – browser password managers have improved and are certainly better than nothing, but they have some limitations. By default, many browsers will auto-fill or reveal passwords if someone has access to your device or your browser profile. A dedicated third-party password manager offers an extra layer of security since it isn’t tied to your primary accounts and often comes with added features.
Enable Multi-Factor Authentication (MFA) everywhere you can
This is non-negotiable. MFA (also called two-step verification) means that in addition to your password, you need a second thing to log in – typically a temporary code from an app or text, a fingerprint, or a hardware key. It’s extra hassle once in a while, but dramatically improves security. With MFA enabled, even if hackers somehow steal your password, they still can’t get into your account without that second factor. Turn on MFA for email, banking, social media – any service that offers it.
Keep an eye on your accounts (and the news)
Data breaches happen constantly. Use tools like ‘Have I Been Pwned’ to check if your email or phone number appears in a known breach. Many websites and apps will notify you of suspicious login attempts or new device sign-ins – don’t ignore those alerts! Regularly review your account activity and change passwords immediately if something seems off. And if a big breach makes headlines (or, say, 16 billion passwords leak into the wild), be proactive: change your passwords and make sure MFA is on. Good “cyber hygiene” is an ongoing habit, not a one time thing.
Secure your devices and networks
Keep your computer and phone updated with the latest software (those updates often patch security holes). Run reputable antivirus or anti malware tools, especially on Windows PCs.
Be cautious of phishing emails or dodgy links – many infections start with a click on the wrong thing. And yes, even your home Wi-Fi router and “smart” gadgets should have strong passwords (not the default “admin/password” they came with). Don’t let hackers slither into your digital life through an unlocked backdoor.
You don’t need perfect security – you just need to be a tougher nut to crack than the next person. Cybercriminals are usually looking for the easy wins.