‘It's easy to stay safe online’ with these 4 steps (plus 1)

A woman sits at a table and looks at her phone, where she may encounter TikTok scams.

Here are the four key steps with easy action items, plus a bonus task to help you protect yourself from identity theft this year.

It's that time of year again: the time to think about the importance of cybersecurity and take some simple, easy steps to protect yourself and your family.

October is Cybersecurity Awareness Month, an annual event that's been taking place since 2003 to highlight the importance of online security. The theme for Cybersecurity Awareness Month 2023: "4 simple steps every American can take to stay safe online."

Here are the four key steps with easy action items, plus a bonus task to help you protect yourself from identity theft this year.

1. Turn on multi-factor authentication

One of the quickest and easiest ways to stay safe online: enable multi-factor authentication on your accounts. This simple step takes just a few minutes per account, and you only must do it once. As soon as it's in place, it becomes twice as tough for hackers to gain access to your accounts.

What is multi-factor authentication (MFA)? Also known as two-factor authentication, this widely available tool secures your accounts by requiring two pieces of information to log in. One common example of two-factor authentication: entering your password and then typing in a one-time code sent to your email address or smartphone.

Other examples of a second step that may be used in two-factor authentication or 2FA include:

  • A security question (for example, "What was the name of your favorite teacher?")
  • A biometric identifier such as your face or fingerprint.
  • A temporary passcode you get via an authenticator application.

You can typically enable multi-factor authentication by going to an account, going to settings and looking under security. You then toggle multi-factor authentication to "on" and provide any necessary information, such as your  phone number or email address where you want a code sent. For example, here's how to turn on 2FA on Facebook and on Google.

Quick "It's easy to stay safe online" task 
Take 20 minutes to set up 2FA on your most important accounts. Consider doing this for: your bank and credit card, email, payment, utilities, shopping and social media accounts. Here's a cheat sheet so you don't forget any accounts. 

2. Shore up your password practices

Another top priority for online safety: Use strong passwords and a password manager. If you can easily remember a password, chances are good that a hacker could use a computer program to quickly guess it and get the keys to your online kingdom. 

A strong password should be:

  • Complex – with upper and lowercase letters, numbers, and symbols
  • Long – at least 16 characters long to make it much harder to crack
  • Hard to guess – no real words or personal details like names and birthdays

But the same characteristics that make passwords hard to crack also make them difficult to remember. That's why password managers are such a handy tool.

Password managers keep track of all your passwords in a secure online vault, can generate strong passwords for you on demand, and can even safeguard other important information such as your credit card numbers. They can quickly and easily auto-fill your passwords for you when you log into a site. Examples of popular password managers include Norton Password Manager. You can get a free or paid password manager service depending on your needs, number of devices you have, and the features you need.

Quick "It's easy to stay safe online" task 
 If you don't have one, take 10 minutes to start using a reputable password manager. To sign up, choose your password manager, register for an account, and choose a master password. Hint: Make your master password very long and very difficult to guess. And make sure to keep it in a secure place. Your master password will give you access to your password manager but could also be used by a cybercriminal to get ahold of all your passwords if you don't keep it safe.

3. Update your software right away

Keeping your software up to date is one of the easiest and most important things you can do to stay safe online.  That's because software updates often fix bugs or loopholes attackers can exploit to gain access to your data, infect your device with malware or ransomware, and even remotely take over your computer.

Make sure to update your software on a regular schedule or whenever you get an alert letting you know an update is available. Get in the habit of doing software updates right away rather than putting them off for later. It's also smart to get a reputable security program that can add an extra layer of protection.

Want to brush up on how to perform regular updates? Here's how to update the software on an Android and how to update the software on an iPhone or iPad. It's important to regularly update your operating system as well as apps on your device. Not only will regular updates help keep you safe online and shore up your privacy, they'll also fix glitches and help your devices run more smoothly.

Quick "It's easy to stay safe online" task
Take 15 minutes to check your devices for software updates and get current. For convenience and speed, turn on automatic software updates. If you prefer to update software manually, set up an alert to remind you to check for updates once a month.

4. Spot and report phishing scams

Learning to recognize and report phishing scams is a top step you can take to stay safe online. Fortunately, it's fairly easy to do and doesn't take long at all.

What is a phishing scam? It's when a cybercriminal sends you a fake email, direct message, text, or even a pop-up ad to try to trick you into taking an action such as clicking a link, providing personal information, or making a payment. A phishing message may be cleverly disguised to look like a real message from a familiar company such as your bank.

Cybercriminals can be pretty sophisticated with phishing scams, to the point that there are many types of phishing techniques that have earned their own names. For example, "spear phishing" targets a specific individual rather than a group, and "whaling" targets a big fish like the CEO of a company.

Learning to spot the telltale signs of phishing and to stop and think before acting on an email or other message can go a long way towards keeping you safe from phishing scams. Here are some clues that can tip you off to a phishing attack:

  • Alarming "news" about an account.
  • Attachments that look odd.
  • Failure to address you by name.
  • Grammar errors or misspellings.
  • Offers for free gadgets, trips, or other items of value.
  • Language that sounds just a little bit "off."
  • Request to click a link or take urgent action.

Quick "It's easy to stay safe online" task 
Take 10 minutes to review these real life examples of phishing messages that were sent through email and social media. And make a quick note of what to do if you receive a suspected phishing message: Don't click on links or open attachments, report phishing to your email provider, delete the message and block the sender. As an example, here's how to report phishing in Gmail if they're your provider.

5. Protect your identity and privacy

It's common to fall prey to identity theft and it's hard to clean up the mess after it happens. But you know what's easy? Our bonus behavior: protecting your identity and privacy.

The good news: some of the items we've already reviewed, such as security software, strong passwords, two- factor authentication, and regular software updates, can help protect against identity theft. To learn what else you can do, check out this list of ways to avoid identity theft.

Quick "It's easy to stay safe online" task
Take 15 minutes to complete these three simple steps to safeguard your identity. Make sure your mobile device is locked with a strong passcode to keep ID thieves from adding spyware when you're not looking. If you don't own a shredder for sensitive documents, take a minute to research models or make a note of the dates of free shredding events in your community. And set up an alert to remind you to check your credit reports for free at AnnualCreditReport.com. You get a free report from each major credit bureau once a year. So check one bureau each quarter to keep an eye on your credit year-round.

As you can see, it really is quick and easy to bolster your cyber security. You can do these four key behaviors in an hour or less — and many only need to be done once. Making the time to do these tasks this month will pay you back many times over in greatly enhanced security and peace of mind.

Norton technology blocked 142 million threats a day.

Norton™ 360 brings real-time protection for your PCs, Macs, smartphones or tablets against ransomware, viruses, spyware, malware and other online threats.

Try Norton 360. Post, bank and shop from your device. We’ll keep it secure.

Allie Johnson
  • Allie Johnson
  • Freelance Writer
Allie Johnson is a freelance journalist who covers cybersecurity, privacy, and consumer topics. She has written for Bankrate, CreditCards.com, and Discover.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.