Archives - Security Best Practice


Create unique accounts for each user per device

Set up individual accounts that allow only the access and permissions needed by each user. When you need to grant daily-use accounts administrative permissions, do so only temporarily. This precaution reduces the impact of poor choices, such as clicking on phishing emails or visiting malicious websites.

Make a non-administrator account your main account

When you use a PC or Mac, you might have multiple user accounts set up. Try to use a normal non-admin account for your day-to-day activities. That way, it’s harder for anyone to do lasting harm to your system if it’s stolen or infected than it would be while logged in to an admin account with extensive permissions.

Steer clear of P2P websites

Peer-to-peer (P2P) websites are fraught with risk. While you’re searching for links to torrents, you might see thumbnails for stories that seem oddly relevant or interesting, with titles like “New rule in [your location].” A lot of these links lead to malware, so don’t click them or, better yet, don’t visit P2P sites to begin […]

Never press an ‘Install’ button on the web

A lot of websites contain large “Install” buttons all but begging you to click them. You shouldn’t. They will usually give you adware or spyware instead of what you wanted or, worse, they’ll redirect you to a compromised website.

Don’t open that .zip attachment

Email attachments are to some degree unavoidable in normal personal and business communications. However, it’s a good idea to minimize your exposure. Don’t open any attachments from people not in your contacts list, and ask senders if they can share the document via a cloud link instead (much safer).

Automate password management

It’s entirely possible to create your own strong passwords, i.e., ones based on phrases, but it’s often more trouble than it’s worth. Many password managers, including ones built into OSes like Apple iOS, can take care of password generation, storage, organization and retrieval for you.