Cybersecurity basics everyone should know
Practical steps to protect your accounts, devices, and data — with myths debunked, quick wins, and a printable checklist.
Why it matters
- Most attacks start with social engineering — tricking people, not machines.
- Password reuse lets one breach unlock many accounts. A password manager fixes this by giving every account its own password.
- MFA blocks many account‑takeovers even if a password leaks.
- Updates patch known holes. The longer you wait, the easier you are to target.
- Backups are your safety net against ransomware, loss, or theft.
- Data minimization: the less you share, the less can leak.
Five core habits
🧠 Use a password manager to create 14+ character passphrases. Example: teal‑cactus‑subway‑drifts!
🔐 Enable MFA (authenticator app or hardware key). Save your backup codes inside the manager.
⚙️ Update automatically: OS, browser, and apps. Uninstall what you don’t use.
🎒 Back up with the 3‑2‑1 rule: 3 copies, 2 media, 1 off‑site. Test restores twice a year.
🕵️ Review permissions: camera, mic, location. Share the minimum necessary — especially on social networks.
The 5‑second phishing check
- Pause — urgency is a red flag.
- Inspect the sender — weird domains or spelling?
- Hover links — does the URL match the brand?
- Never share codes — support won’t ask.
- When in doubt — go directly to the site/app instead of clicking.
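The "inspect the sender" and "hover links" steps above come down to reading the host part of the address, not the text around it. The following Python sketch is an added example, not part of the original page; `bank.example` and the sample links are constructed, and the brand domain is something the caller supplies.

```python
from urllib.parse import urlsplit
import ipaddress

def link_verdict(url, brand_domain):
    """Compare the host a link really points to with the brand's own domain."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
        user = parts.username
    except ValueError:
        return "suspicious: malformed address"
    brand = brand_domain.rstrip(".").lower()
    if parts.scheme not in ("http", "https") or not host:
        return "suspicious: not a web link"
    # Anything before '@' is a username, not the site being visited.
    if user is not None:
        return "suspicious: '@' hides the real host " + host
    try:
        ipaddress.ip_address(host)
        return "suspicious: raw IP address instead of a name"
    except ValueError:
        pass  # not an IP address, so keep checking the name
    # Punycode labels can be displayed as lookalike characters.
    if any(label.startswith("xn--") for label in host.split(".")):
        return "suspicious: encoded lookalike name"
    # The brand must be the END of the host, on a dot boundary.
    if host == brand or host.endswith("." + brand):
        return "match" if parts.scheme == "https" else "caution: right domain, no HTTPS"
    if brand in host:
        return "suspicious: brand name used inside a different domain"
    return "mismatch"

# Constructed sample links (reserved .example/.test names and a documentation IP).
SAMPLES = [
    "https://www.bank.example/login",
    "https://bank.example.account-verify.test/login",
    "https://bank.example@login.test/",
    "http://192.0.2.10/bank",
    "https://xn--bnk-qla.example/",
    "http://bank.example/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{link_verdict(link, 'bank.example'):55} {link}")
```

Only the first sample is a match: the others put the brand name somewhere other than the end of the host, or skip HTTPS.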
Home Wi‑Fi hardening checklist
- Change default admin password on the router.
- Update router firmware; turn on auto‑update if available.
- Use WPA2/WPA3 with a unique Wi‑Fi passphrase.
- Rename the default SSID; avoid personal info in the name.
- Enable a guest network for visitors/IoT devices.
- Disable WPS and remote admin unless truly needed.
- Back up router config after changes.
- Consider a separate VLAN or profile for smart devices.
- Prefer HTTPS‑only mode in browsers for extra protection.
- Turn off UPnP if you don’t need it.
Clicked something bad? Do this now
- Disconnect from the internet (Wi‑Fi off) to stop further damage.
- Change passwords starting with email and bank — from a different safe device.
- Revoke sessions in account security settings; check recent logins.
- Enable/confirm MFA and store backup codes.
- Scan with your OS security (Defender/XProtect) and a second‑opinion scanner if needed.
- Restore from a clean backup if files were altered or encrypted.
- Report the incident to the service and your contacts if spam was sent from your account.
- Monitor bank/credit activity over the following weeks.
Privacy quick wins & fun facts
- Phone: disable ad tracking, review app permissions, hide notifications on lock screen.
- Browser: remove unused extensions; set default to always use HTTPS; consider a separate browser for banking.
- Social: restrict who can find you via phone/email; limit public posts; check tag/review settings.
- Cloud drives: share with specific people, not public links; set expiry dates for links when possible.
Mini glossary
- MFA/2FA: Extra step after your password that proves it’s really you (app code, hardware key, biometrics).
- Phishing: Tricking you into sharing secrets or clicking a bad link by pretending to be someone you trust.
- EDR: Endpoint Detection & Response — advanced protection that monitors and blocks threats on devices.
- Passkey: Passwordless, phishing‑resistant login that uses cryptographic keys tied to your device (FIDO/WebAuthn).
- Ransomware: Malware that encrypts your files and demands payment to restore them.
FAQ
Is SMS‑based 2FA okay?
It’s better than nothing. Prefer an authenticator app or security key when available.
Do I need an antivirus?
Keep your OS protections enabled (Defender/XProtect). For higher risk, consider a reputable paid solution or EDR.
How often should I change passwords?
When there’s a breach or you reused a password. Otherwise, use strong, unique passphrases and enable MFA.
Are password managers safe?
Yes, when used properly. They encrypt your vault with a master passphrase; enable MFA, keep apps updated, and use a unique master passphrase.