10 steps to protect your devices, accounts, and privacy. Check off each item and lock down your digital life.
Your 10-Step Security Action Plan
Follow these steps in order. Each one eliminates a major vulnerability.
1
Enable two-factor authentication everywhere
2FA blocks 99.9% of account takeover attacks. Start with email, banking, social media, and password manager. Use an authenticator app (Google Authenticator, Authy) over SMS when possible. SMS interception is still a risk.
2
Install a password manager
Stop reusing passwords. A password manager generates and stores unique, complex passwords for every account. Top choices: 1Password, Bitwarden, Dashlane. Use a strong master password you can remember but nobody can guess.
3
Enable automatic updates on all devices
Unpatched software is the #1 entry point for hackers. Turn on automatic updates for Windows, macOS, iOS, Android, and all apps. Zero-day vulnerabilities are patched quickly — but only if you install the update.
4
Set up a VPN for public Wi-Fi
Public Wi-Fi networks are unencrypted and easy to intercept. A VPN encrypts all your traffic so nobody on the same network can see what you're doing. Activate it automatically when connecting to untrusted networks.
5
Review and tighten privacy settings
Go through each of your online accounts and disable unnecessary data sharing. Turn off location tracking, ad personalization, and data collection where possible. On phones, review app permissions — does a flashlight app really need your contacts?
6
Install an ad blocker
Malicious ads (malvertising) can infect your device without any click. Use uBlock Origin on desktop and a reputable ad blocker on mobile. Bonus: pages load faster and use less data.
7
Back up your data — the 3-2-1 rule
Ransomware and hardware failure can wipe everything. Follow the 3-2-1 rule: 3 copies of your data, on 2 different media types, with 1 copy offsite. Use a local external drive plus a cloud backup service like Backblaze, IDrive, or iCloud.
8
Secure your home Wi-Fi network
Change the default router admin password. Use WPA3 encryption if available (or WPA2 as fallback). Disable WPS, enable the firewall, and consider a separate guest network for visitors and IoT devices.
9
Check for data breaches
Visit HaveIBeenPwned.com and enter your email addresses. If any accounts appear in known breaches, change those passwords immediately. Enable breach monitoring alerts to get notified of future leaks.
10
Run an antivirus scan
Even if you're careful, malware can slip through. Run a full system scan using a reputable antivirus. Windows Defender is solid for most users. For extra protection, consider Malwarebytes or Bitdefender for real-time threat detection.