A few simple habits can dramatically reduce the chances of being caught in a scam or attacked by malware.
Start With the Basics
• Use strong, unique passwords
Avoid easy passwords like birthdays or pet names, and don’t use the same password on multiple sites.
Many of us would benefit from a password manager which can create and remember long, secure passwords. Programs such as Proton Pass or Bitwarden offer free plans with unlimited logins, and are easy to install and use.
• Turn on two-factor authentication (2FA)
This adds a second step — such as a code sent to your phone — so even if someone steals your password, they can’t access your account. 2FA is essential for all banking and commercial account logins.
• Passkeys (new and now recommended)
More websites are now offering passkeys as a method to login, replacing passwords and 2FA. Passkeys make it quicker and easier to log in, whilst making the process safer and more secure.
The website generates a pair of digital keys, and keeps/ stores the public key whilst the user (you) receive the private key.
Most users will store their private keys in their browser password manager or a vendor controlled cloud sync service. For those who have a local password manager such as Proton Pass or Bitwarden, these can also be used, and are arguably safer and more transparent than browser-only or big-vendor cloud storage.
• Be cautious with phone calls, emails and links
Scams often arrive as urgent, unsolicited phone calls or emails pretending to be from banks, delivery companies, or government offices. If it feels suspicious, it probably is.
• Keep your devices updated
Updates aren’t just for new features — they repair security holes that criminals try to exploit. So don’t delay installing these updates on your computer, phone, and apps.
Additional Layers of Protection
Once the basics are in place, a few extra steps can make you safer.
• Antivirus Software
Antivirus software isn’t the be-all and end-all of cybersecurity, but it does give added protection from viruses, ransomware, and unsafe downloads — especially on Windows computers.
• Use a Non-Administrative Account
On most computers, the main user account has “administrator” privileges, meaning it can install software and change system settings. If malware runs under an admin account, it can do far more harm.
Certainly keep (or add) an admin account for when you need to install programs or change system settings. But for everyday tasks like email and web browsing, it is much safer to be logged in to a standard user account without admin privileges. This greatly improves security by limiting what malware can do, even if you click on the wrong thing.
• Consider Using Linux
This option isn’t for everyone, but it’s worth mentioning. Linux is a free operating system that is far less targeted by viruses and scams than Windows. For a typical home user, running Linux without antivirus software is generally safer than running Windows with antivirus, and whilst Linux isn’t infallible, the risk of common malware is much lower.
Think of Cybersecurity as Layered Protection
No single step makes you 100% safe — but each layer adds protection, just like having both a lock and a security screen on your front door.
Basic habits + antivirus + safer account setup = far less chance of trouble.
A Few Final Tips
- Back up your important files so you don’t lose them if something goes wrong.
- Be careful on public Wi-Fi, and avoid for online banking or shopping.
- Trust your instincts — if something looks odd, stop and double-check.
If you take these measures one step at a time, you’ll be able to enjoy a much safer digital life.