The MUO Security Checklist: What You Need To Do Right Now To Be Safe

Chris Hoffman 10-10-2012

The MUO Security Checklist: What You Need To Do Right Now To Be Safe tick mark on a green lockSecurity can be an overwhelming subject – there are so many potential problems we need to think about when securing our computers, our online accounts, and our wireless networks. This list should help simplify things – follow this checklist and you’ll be well on your way to staying safe on a dangerous Internet.


Many security problems are caused by other people, whether it’s a company releasing software with dangerous security holes or a website getting hacked and leaking our passwords. While we can’t stop these problems from occurring, we can reduce the danger.

Use a User Account With Limited Permissions

Using an administrator user account with no protection – as most people did on Windows XP – puts you at risk. To be secure, you should be using a user account with limited permissions. This prevents programs from modifying your system without prompting you. If you’re using Windows 7 (or even Windows Vista), ensure you have User Account Control enabled. UAC allows you to use your computer with an administrator account, but you’ll still be prompted when programs want administrator permissions.

To check your UAC settings, click the Start button, type UAC into the Start menu, press Enter, and ensure the slider is set somewhere above Never Notify.


If you’re using Windows XP, using a standard user account may be a good idea – but this is more difficult, as most software assumes it has administrator access on Windows XP. If you’re using Windows XP, you should probably upgrade soon anyway – security updates for Windows XP stop in April 2014.


Use Good Password Practices

Many people use weak, easy-to-guess passwords online. Even if they don’t, they’ll re-use strong passwords on multiple websites. Both are dangerous.

Choose strong passwords that aren’t just dictionary words – select ones that would be difficult for a cracker or computer program to guess. You should also use good security questions – if anyone can get into your account by knowing the high school you went to (a publicly available piece of information), that’s a problem. For help choosing good passwords and security questions, check out:

You should also be using a different password on each website. This is crucial. When a high-profile website becomes compromised – LinkedIn, Yahoo,, and eHarmony have all had password leaks in the last year – crackers can look at the leaked list of email address/password combinations and try them on other websites. If you register for a website with your email address and use the same password you use for your email account, people can get into your email account easily. If you reuse the password on other websites, they can access those accounts, too. Using a unique password everywhere helps you limit the damage.

Store Your Passwords In A Password Manager

Remembering strong, unique passwords for every website can be difficult. That’s where a password manager comes in. We’ve talked about password management strategies Use A Password Management Strategy To Simplify Your Life Much of the advice around passwords has been near-impossible to follow: use a strong password containing numbers, letters and special characters; change it regularly; come up with a completely unique password for each account etc.... Read More before, and a password manager is one of the best. Some of the top password managers include LastPass, which encrypts your passwords and stores the encrypted file on LastPass’s servers, where you can access it from anywhere, and KeePass, which keeps an encrypted copy of your passwords on your computer – you’re responsible for backing it up, although you can synchronize it with Dropbox Dropbox Tips Read More or another cloud storage service Dropbox vs. Google Drive vs. OneDrive: Which Cloud Storage Is Best for You? Have you changed the way you think about cloud storage? The popular options of Dropbox, Google Drive, and OneDrive have been joined by others. We help you answer which cloud storage service should you use. Read More .


Set Up 2-Factor Authentication

If someone does get access to your password, two-factor authentication prevents them from accessing your account. With two-factor authentication, you’ll need more than just your password to log into a website – you’ll also need a special, time-sensitive key. These keys are often generated by a mobile app or sent to you via SMS. A variety of services support two-factor authentication, including Google Google Recommends 2-Step Process To Protect Your Account [News] Most savvy Internet users probably have at one at least Google account - mainly because Google, for good or bad, crosses paths with so many other websites that it's hard to avoid not using the... Read More , Facebook How to Use Facebook Two-Factor Authentication and Mobile Code Generator Here's how to set up two-factor authentication on your Facebook account and use the Facebook Code Generator for better security. Read More , Dropbox, LastPass LastPass Premium: Treat Yourself To The Best Password Management Ever [Rewards] If you've never heard of LastPass, I'm sorry to say that you have been living under a rock. However, you are reading this article, so you've already made a step in the right direction. LastPass... Read More , and Blizzard’s 4 Apps Every Diablo 3 Player Should Have On Their Device [iOS] When anything is popular, there are usually a slew of mobile applications that hit the market in an attempt to cash in on the popularity. Diablo 3 is no exception. However, one glance at the... Read More .

The MUO Security Checklist: What You Need To Do Right Now To Be Safe googleverfication

Install Updates Frequently

You should be frequently installing updates for Windows 3 Reasons Why You Should Be Running The Latest Windows Security Patches & Updates The code that makes up the Windows operating system contains security loop holes, errors, incompatibilities, or outdated software elements. In short, Windows isn't perfect, we all know that. Security patches and updates fix the vulnerabilities... Read More  and the other software on your computer, particularly web browsers and plug-ins like Flash and Java Is Java Unsafe & Should You Disable It? Oracle’s Java plug-in has become less and less common on the Web, but it’s become more and more common in the news. Whether Java is allowing over 600,000 Macs to be infected or Oracle is... Read More . While updates can be a hassle Why Do Apps Nag Me to Update & Should I Listen? [Windows] Software update notifications seem like a constant companion on every computer. Every app wants to update regularly, and they nag us with notifications until we give in and update. These notifications can be inconvenient, especially... Read More , they’re essential. The bad guys are constantly finding holes in software, which need to be plugged.

Setting Windows Update and the other software on your computer to automatically check for and install updates is an easy way to stay safe without thinking about it. To ensure Windows Update is set to automatically install updates, click Start, type Windows Update, and press Enter. Click the Change Settings link in the sidebar to view your update settings.



Use An Antivirus

An antivirus is an essential layer of protection. While you can try to stay safe by keeping your software updated, only visiting safe websites, and installing only trusted software, there’s always a chance something could slip through. A new security hole in your browser could be exploited, or a trusted website could have become compromised.

An antivirus program is another line of defense. You don’t have to pay anything for an antivirus – there are some great free options. If you have an antivirus installed, leave it on its default scanning settings, which will automatically scan everything in the background. Antivirus programs will generally perform regular, full-system scans, so you don’t have to worry about initiating any scans yourself.

Test Your Firewall

You should also be using a firewall How Does A Firewall Work? [MakeUseOf Explains] There are three pieces of software that, in my opinion, make the backbone of a decent security setup on your home PC. These are the anti-virus, the firewall, and the password manager. Of these, the... Read More – if you’re using a standard consumer router, it already effectively functions as a firewall. Even if you aren’t using a router, Windows comes with a firewall built in. To make sure your firewall is working properly, you can use the GRC Shields-Up test, which scans your IP address and detects if your firewall is blocking access to network ports.


Secure Your Wi-Fi

Securing your Wi-Fi network is particularly important. If you choose the wrong settings for your Wi-Fi networks and leave it open to the public, you could have all sorts of problems – everything from people snooping on your web browsing activity to people using your Internet connection for illegal things that would be traced back to you.

Ensure you’re using encryption for your wireless network – you should have to enter a passphrase when you connect a new device to your network. You should also be using WPA or WPA2 as your encryption type – the older WEP encryption can be broken.

To change your encryption settings, navigate to your router’s web administration page 7 Essential Wireless Router Features You Should Be Using If you think a wireless router’s only job is to connect you to the world of the Internet, you’re missing out on a lot of its awesome goodness. Sure, maybe all you need is Internet... Read More (you’ll find instructions to access this page in your router’s manual) and look for the wireless security section.

The MUO Security Checklist: What You Need To Do Right Now To Be Safe wireless router security

Do you have any other security tips to share? Leave a comment and let us know what you do to stay safe online.

Image Credit: Tick Mark on a Green Lock via Shutterstock

Related topics: Anti-Malware, Firewall, Password, Password Manager, User Account Control.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. sachin goral
    January 18, 2013 at 6:19 pm

    I usually keep funny palindromes as my passwords, remember em always...

  2. Shubharup Ganguly
    October 22, 2012 at 5:45 pm

    These steps should be enough for the regular user, but the advanced user requires some more measures.
    1) Try to use a VPN, TOR or any such encryption service at all times. Even with the toughest security measures, you're vulnerable if you're over an un-encrypted line.
    2) Use a RAMDISK. I'm not gonna go into detail about what it is, because a simple Google search can tell you more than I know about it. If you use a RAMDISK, your cache, history, password and all such data that the browser or rather any other application stores in the temp folder is cleared and wiped clean. Its a very effective security method.
    3) Change your browser profile to something very un-ordinary. Its a long shot, but certain malware are designed specifically for common browser profiles. An unfamiliar profile will keep such pieces of code at bay.
    4) I cannot stress this enough, but ALWAYS do a weekly virus scan. I keep Comodo on top priority mode at all times, yet I do a weekly scan on Sunday evenings. I prefer and recommend MalwareBytes, especially because it has very up to date virus definitions.
    5) Everybody has a tool in their toolbox which they prefer not to use. Its called Common Sense. Use it, and you're good to go.

  3. Mike
    October 18, 2012 at 3:37 am

    i just encrypted my wifi so its private to me thanks to this lovely guide thank you so much for the tips

    • Chris Hoffman
      October 22, 2012 at 5:47 pm

      Good to hear!

  4. Gordon Hay
    October 13, 2012 at 10:50 pm

    thanks for the link to the GRC site - very reassuring to know that my protection is as good as it gets!

  5. Keith Swartz
    October 12, 2012 at 5:28 am

    Good article, Chris! Whoever wrote "I learn something new everyday" must have been an avid reader of MakeUseOf! Thanks, yet again!

  6. Yash Desai
    October 11, 2012 at 10:19 pm

    why is it better to use a user with limited permissions?

    • Hhelibeb.Cnofne.2011
      October 12, 2012 at 5:01 pm

      The idea behind limited permission is that the virus/worm/... whatever bad thing you catch on the internet has not the permission to get into the deep core of the operating system. You know as well malware is bound to the limited permissions. So that can make the difference between a malware beeing detected and easily removed without destroying a lot OR getting a malware that is a pain to remove and could cause a lot of damage!

      • Chris Hoffman
        October 22, 2012 at 5:49 pm

        Yup, it makes things more difficult for malware. They can't just start modifying system files because they'll also start with limited permissions. You may see a suspicious UAC prompt and that can flag you to the problem.

  7. Alex Perkins
    October 11, 2012 at 4:31 pm

    The WPA2 can be broken too, it just takes longer.

    • Hhelibeb.Cnofne.2011
      October 12, 2012 at 4:53 pm

      Its basically the concept of all the security. There is nearly every time a way around it. The question is how long it takes and if it is worth it! :-)

      • Alex Perkins
        October 12, 2012 at 4:54 pm

        Exactly, everything just takes time.

    • Chris Hoffman
      October 22, 2012 at 5:46 pm

      Yup, Fort Knox can be broken into, too. It's all about making it more difficult.

      (Also, it's like running from a lion -- you just have to run faster than the other people. If you use WPA2 and your neighbors use WEP, no one's going to try to crack your Wi-Fi password when they can easily get your neighbors'.)

      • Alex Perkins
        October 23, 2012 at 2:45 pm

        Nice explanation there, I live in the country with no neighbors but still use WPA2. ;-)

  8. Sam Kar
    October 11, 2012 at 3:25 pm

    Nice checklist
    I remember something similar was posted here recently.

  9. Mac Witty
    October 11, 2012 at 1:08 pm

    Yes!! GRC Shields-Up test:
    Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. .... But your system wisely remained silent in every way. Very nice.

    • Chris Hoffman
      October 22, 2012 at 5:45 pm

      That's the way it should work, it'd only be news if it didn't!

  10. Harish Jonnalagadda
    October 11, 2012 at 11:54 am

    Seems these days security concerns are everywhere! Thanks for the very timely article.

  11. Manuel Guillermo López Buenfil
    October 11, 2012 at 5:53 am

    Another step: Install anti-theft software, like Prey. If your computer gets stolen and you want to get it back, then you better have a way to let them use it (like a guest account) while you gather information to recover it.

    • Chris Hoffman
      October 22, 2012 at 5:44 pm

      Good idea. I don't use anti-theft software, but I probably should.

  12. Garey Boone
    October 11, 2012 at 4:52 am

    Good stuff Chris.

  13. Adrian Rea
    October 11, 2012 at 12:43 am

    Make a backup of your data - it is one thing to have your data stolen, its even worse if it is gone and you don't have a copy. This also gives you and idea how much and what you have given away and what may come back to bite you!
    Encrypt your data - there is rumour round the internet now that previously military standard hard drive write-wipe deletion is not enough and so only keeping your stored data encrypted (and still write wiped at end of life, will it be safe from data thieves.

    I never like to install updates automatically as I could go down to dinner mid document and come back to a restarted computer.

    • Chris Hoffman
      October 22, 2012 at 5:44 pm

      Good tips. Also a good point about the restarts, that can be horrible.

  14. Curtis C.
    October 10, 2012 at 11:34 pm

    Thanks for the info!

  15. scott boyer
    October 10, 2012 at 11:07 pm

    just updated my programs thanks for info

  16. Igor Rizvi?
    October 10, 2012 at 10:21 pm

    Btw: check this out : :)))) very nice!

  17. Igor Rizvi?
    October 10, 2012 at 10:18 pm

    In the instructions of my ISP (T-com) it states that for my wirelles connection the settings for encryption should be on Wep only.Should I consider this a minimum security problem,or should I call them and check this out.Or can i just manually set it on Wep2???

    • Johann
      October 10, 2012 at 11:23 pm

      Your ISP shouldn't really care what you use on your wifi network as it doesn't affect your connection to them so this is very much just their recommendation.

      They are giving you bad advice here though, you should definitely be using WPA instead of WEP. WEP has been easily crackable for a number of years. also if your router has WPS (used to quickly set up wifi connections between devices) you should also turn that off if possible too.

    • Johann
      October 10, 2012 at 11:28 pm

      On FireFox I recommend using 'HTTPS Everywhere' to force connections to use HTTPS on most major sites. Also if you don't want to be tracked whilst online then I recommend DoNotTrack+ and Ghostery. as well. It is important to block these 'trackers' as some of them can leak your credentials whilst dialing home with info - they're therefore useful for more than just stopping your browsing habits being monitored.

      NoScript is always good in principle but it breaks so many things I find it next to useless for an average user. The three I mention above have very low impact on general web use.

      • Igor Rizvi?
        October 11, 2012 at 12:04 am

        I use adblock plus,and do not track..and i find it highly effective.But why am i asking about wep : because i often create a wi fi connection so my gf can acces the internet trough her andoroid phone,or my brother trough laptop .... so ...should i swap it for wep 2 and turn off wps ,is that what you are suggesting or?

        • Hhelibeb.Cnofne.2011
          October 12, 2012 at 4:50 pm

          Securing you wifi with WEP is better then nothing of course. But it is not considered secure anymore as far as i remember.

          WPA is the latest standard and supported in a lot of devices. If all your devices support it, i would suggest switch over to WPA. If they dont support it ... you can stick to WEP as it is better then switching it off - of course!! :-)

    • Chris Hoffman
      October 22, 2012 at 5:43 pm

      It's possible that your ISP's instructions are out of date and are recommending WEP because WPA wasn't around back then. But your ISP shouldn't care what Wi-Fi encryption you use, and WPA is definitely better.

      (I think WEP is the only setting that works with the Nintendo DS, so I used to see people saying they used the weaker WEP only because of that. For shame, Nintendo.

      The 3DS works with WPA at least, apparently.)

  18. Edwin Williams
    October 10, 2012 at 9:53 pm

    I was surprised when my roommate didn't use any encryption on our wifi. But we have security now!