New Year’s Resolutions

New Year’s Resolutions: a reader asks…


I want to start off 2019 right. What things should I do to keep hackers and scammers at bay?

I think one of the most important things to do at this point is to have good online security. With modern operating systems, your computers are generally much more secure than before, so less likely to be compromised. The concern these days is keeping your online accounts secure. This includes your email account, your social media accounts, online banking and shopping, and any website where you have to log in with a username and password.

These days, most often your username is your email address, and so the 1st line of defense is your password. Even now, the most common passwords in use are simple and easy to guess. For prudent security, each account password should be unique, so don’t use the same password in more than one online place. Passwords should also be long and not easily guessable. Stay away from simple strings of words that could be guessed.


Some websites will have specific password requirements, such as including letters and numbers and special characters (such as the number keys shifted). You have to follow those rules, which can be different for each online account. All of this prudent password practice means you need a password manager – this can be a physical book you use to record passwords, a spreadsheet, or more commonly, a software program/service such as LastPass, 1Password, or Dashlane.


Your 2nd line of defense is to use 2-factor authentication. In addition to typing in your username and password, this feature either uses a smartphone app (like Google Authenticator), or the online entity sends you a text message with a one-time-use code you type in when logging in. Each online account may or may not have this capability, and may use or require a different method. But by all means, you should enable this feature whenever available.

2-factor authentication works to keep everybody but you out of your online accounts, even if your username and password are compromised. It has to be set up in advance, so there’s a little work to get it going. But once set up, it works pretty reliably. Nothing is perfect, but you need to do all you can to protect your online accounts.

Your 3rd line of defense is to log into each of your online accounts and a) check and enable whatever security settings are available, and b) check for activity on that account you don’t recognize. You should do this routinely, at least every couple of months. Online account providers change their security capabilities fairly often, so you need to keep checking to enable new security measures that weren’t there before, and to make sure no previous security settings were changed without your knowledge. Yes, this happens.

As a New Year’s resolution, nobody expects you to stop everything else and follow these recommendations immediately. But you should put a plan in place to implement these factors as soon as practicable. For most folks that means following a simple checklist:

  1. Get yourself a password manager; usually that means a software program/service. Unless you already have a preference, I like LastPass the best.
  2. Start by securing your email account. Change the password to a very long and obscure set of characters (your password manager can help). Also enable 2-factor authentication if it’s available. Check the security settings and beef them up.
  3. Next, go through all your online financial/banking and shopping websites. Change passwords (make sure each is unique and strong), and enable 2-factor authentication where available. Check the security settings and beef them up.
  4. From then on, as you visit websites that have a login, change the password on each to something unique and strong, and enable 2-factor authentication if available. Check the security settings and beef them up.

Hopefully within a few weeks or months, you will have secured each and every online account you have. Your email account comes first because that’s often the gateway to all your other accounts (e.g., the ‘forgotten password’ feature built into most websites). The second priority is any online account that involves money, to protect your financial assets. After that, you can secure all your other accounts as they come up.

Of course, you should also be practicing safe computing. There’s lots of advice in the articles in my library, so feel free to browse. May I suggest my article “Safe Digital Life”?
