The holiday season is here! For millions of us, that means spending quality time with family and friends, indulging in festive feasts, and perhaps tackling a never-ending list of tech fixes. Whether it’s troubleshooting spotty Wi-Fi or untangling printer issues, tech-savvy family members often find themselves pressed into service.
But this year, why not give a gift that lasts beyond the holidays? The gift of cybersecurity. By sharing a few simple yet impactful security tips, you can help protect your loved ones from online threats. While fixing the family printer is a nice gesture, ensuring your family’s online safety is a game-changer.
As someone who has reported on hacks and breaches for over a decade, I see cybersecurity as a long-term investment in avoiding disasters you hope never happen. Nobody wants to experience the panic of realizing their bank account has been drained or their email hacked. Yet, many people mistakenly believe, “It could never happen to me.” Meanwhile, outdated passwords and neglected security practices leave them vulnerable.
Taking a few minutes this holiday season to share practical cybersecurity tips can make all the difference. To guide you, I turned to Rachel Tobac, CEO of SocialProof Security, and Caitlin Condon, vulnerability intelligence director at cybersecurity firm Rapid7, for their expert advice on the security basics that matter most.
Start with the Basics: Passwords and Password Managers
“When we go home for the holidays, a lot of times our family asks us for things that aren’t the most important for their security,” said Tobac. For instance, advice on cryptocurrencies might seem cutting-edge, but if your relatives are still reusing the same password for all their accounts, they’re far more at risk of being hacked.
The Fix? A Password Manager.
The best password is one you never have to remember—that’s where password managers come in. These tools generate and store complex, unique passwords for each of your accounts, protecting you from the risks of password reuse. Password managers are a simple, effective way to enhance your security across the board.
Popular options include browser-integrated tools, iOS’s Passwords app, and third-party managers like Bitwarden, which offers a free version accessible on multiple devices.
Setting up a password manager for a less tech-savvy family member can be a great bonding activity. Start by helping them create a strong master password, install browser extensions, and generate new passwords for essential accounts like banking or healthcare portals. Don’t forget to explain how to log in and out of the manager and ensure they feel confident using it.
Worried they’ll forget their master password? Suggest writing it down and keeping it in a safe place at home. As Condon notes, “It’s a lot less risky to write down a master password than it is to reuse easily guessable passwords.”
Layer Up: Enable Multi-Factor Authentication (MFA)
Passwords alone aren’t enough to safeguard your accounts. Some of the biggest breaches in recent history were enabled by poor password security—a vulnerability that multi-factor authentication (MFA) could have mitigated.
MFA adds a second layer of protection by requiring a code sent to your phone or generated by an authenticator app. Even if hackers steal your password, they’ll need this second factor to gain access.
Help Your Loved Ones Enable MFA.
Start with their most critical accounts, like email—often the gateway to other accounts—and online banking. Guide them through the process of enabling MFA, explaining the differences between text-based codes and app-generated codes (which are generally more secure). Duo Mobile is a popular authenticator app that even offers cloud backups for peace of mind.
Don’t forget to lock down their phone provider accounts with MFA. A compromised phone number can give hackers access to linked accounts, making this step crucial.
As Tobac emphasizes, “Any MFA is better than none.” Help them take this simple step toward stronger security.
Be Politely Paranoid: Spotting Scams and Social Engineering
Spam calls, phishing emails, and fraudulent texts are rampant. Cybercriminals rely on human error to trick people into revealing sensitive information or visiting malicious websites. That’s why cultivating a healthy dose of skepticism is key.
Teach “Polite Paranoia.”
Tobac recommends verifying the identity of anyone asking for sensitive information. For instance, if someone claims to be from your bank, hang up and call the official number on your bank card to confirm. Similarly, encourage loved ones to let unknown calls go to voicemail—even with caller ID, it’s hard to be sure who’s on the other end.
Bookmarks can be a lifesaver here. Help your relatives bookmark official login pages for banks, utilities, and other critical accounts. This way, they can quickly and safely check messages or transactions without relying on potentially malicious links in emails or texts.
Condon highlights the value of this habit: “Show them how to navigate to those sites via pinned bookmarks or browser shortcuts.” It’s a small effort with big returns.
The Gift of Cybersecurity
Cybersecurity doesn’t have to be intimidating or overly technical. By focusing on three key areas—password managers, multi-factor authentication, and scam awareness—you can empower your loved ones to protect themselves online.
These foundational practices serve as roadblocks for malicious hackers, and they’re easy to implement with a little guidance. This holiday season, take a few minutes to share these tips. Your family may not thank you immediately, but they’ll be grateful the next time a phishing attempt or password breach fails to derail their lives.
As Tobac wisely said, “The best gift you can give is the gift of not getting hacked.” So, while you’re helping fix the Wi-Fi or resetting the printer, take the opportunity to set your loved ones up for online safety—a gift that truly keeps on giving.
