**Cyberattacks are a growing threat to individuals, with global costs projected to exceed $10 trillion annually in 2025.** Every 39 seconds, a cyberattack occurs somewhere on the internet, highlighting the need for individuals to take proactive measures to secure their online presence. According to cybersecurity research, individuals are often more vulnerable to cyber threats due to weaker defenses compared to banks and governments. A hacked bank account, stolen identity, taken-over social media profile, or compromised email account are just a few examples of the consequences of inadequate online security. Fortunately, these incidents can be prevented with a few basic security habits. This comprehensive checklist aims to guide individuals through the necessary steps to secure their online life, without requiring technical expertise. **Section 1: Passwords, Your First Line of Defence** Weak passwords remain the primary exploited vulnerability on the internet. Research from the *Verizon Data Breach Investigations Report 2025* found that compromised credentials are involved in over 80% of hacking-related breaches. The most common passwords in use globally are still variations of "123456" and "password." To strengthen password security, individuals should: * Use a password manager, such as *Bitwarden*, *1Password*, or *Dashlane*, which generates, stores, and fills in strong, unique passwords for every account. * Ensure every password is unique, as reusing passwords across accounts can lead to credential stuffing, a common attack method online. * Make passwords long and complex, with a minimum of 12 characters and a mix of uppercase letters, lowercase letters, numbers, and symbols. * Change passwords immediately after any breach, using services like *haveibeenpwned.com*, which checks email addresses against a database of over 13 billion breached credentials. **Section 2: Two-Factor Authentication, The Most Important Security Step You Can Take** Two-factor authentication, commonly called 2FA or MFA (multi-factor authentication), adds a second layer of verification beyond your password. This crucial security step can significantly reduce the risk of unauthorized access to accounts. To implement two-factor authentication: * Enable 2FA on all accounts that support it, including email, social media, and financial services. * Use authenticator apps, such as *Google Authenticator* or *Authy*, to generate time-based one-time passwords (TOTPs). * Consider using physical tokens, such as *YubiKey*, for added security. * Regularly review and update two-factor authentication settings to ensure they remain secure and effective. By following these practical steps, individuals can significantly harden their defenses against cyber threats and protect their online presence.