Stores/generates unique passwords so you do not reuse them across sites.

A second proof beyond a password; blocks many account takeovers.

Messages that trick you into giving secrets or installing malicious software.

Give accounts/apps the minimum access needed; reduce blast radius.

3 copies, 2 different media, 1 offsite/offline copy.

One password per site prevents one breach from becoming many breaches.

Passwordless login using device keys; resistant to many phishing attacks.

Patch known vulnerabilities quickly (OS, browser, apps).

Use a strong PIN/biometrics and auto-lock to protect physical access.

Protects data at rest if your device is lost or stolen.

Store account recovery codes securely (offline) for emergencies.

App/hardware MFA is safer than SMS, which is vulnerable to SIM swap.

Attackers hijack your phone number.

Mitigation: carrier PIN + avoid SMS MFA.

Assume public networks are hostile; avoid sensitive actions or use trusted protections.

Encrypts traffic in transit; verify for sensitive logins and payments.

Extensions can read pages and data. Install few; remove unused.

Review app permissions periodically; revoke what you do not need.

A backup is only useful if restore works; test restores occasionally.

Malware that encrypts data. Best defense: offline backups + updates.

Attackers exploit trust and urgency. Slow down and verify via a second channel.

Treat reset emails/links as high risk; verify the sender and domain.

Enable login and security alerts to detect compromise early.

Hardware keys provide strong phishing-resistant MFA for critical accounts.

Monitor for breaches and rotate passwords when an account is exposed.