1. Keep all software up to date. Let the software do all the work for you. Enable automatic updating on all of your security software and operating systems. Include any applications that support auto-updating. Don't forget that mobile devices and apps need updating, as well.
2. Use multi-factor authentication. Even if a crook gets hold of your password – you know, the one that's complex and unique ;-) – they won't be able to get into your account unless they also control the second factor. Two-step verification is good (think SMS codes), two-factor authentication is best (think hardware token or biometric).
3. Connect with care. Be suspicious of all emails you receive that contain attachments or links. Especially the ones that urge you to act right away. Phishing emails are better than ever. Take the extra time to spot anything that looks odd and even verify the communication. You're not sure your mom actually sent you that online animated card for your birthday? Give her a call and ask. You'll be doing yourself a favor, and she would love to talk to you.
