By REBECCA RUTHERFORD
Los Alamos
For the Los Alamos Daily Post

New Year’s resolutions usually involve going to the gym, drinking more water, or finally cleaning out that junk drawer. But in 2026, there is one area most people still forget to improve: their digital safety.

You do not need to be a hacker, a tech worker, or someone who understands “the cloud” to protect yourself online. You just need a few habits that actually stick. Here are four realistic cybersecurity resolutions that can save you money, time, and massive headaches this year.

1. Stop Reusing Passwords

Yes, this one again. And yes, it still matters!

Most major data breaches do not start with genius hackers guessing passwords. They start with stolen login lists from older breaches. If you reuse the same password across email, shopping sites, and social media, one leak can unlock your entire digital life.

Your email account is the big one. If someone gets into that, they can reset passwords everywhere else. Yikes!

This year, commit to using unique passwords for important accounts and let a password manager do the heavy lifting. You only need to remember one strong master password. The rest can be long, random, and impossible to guess.

LastPass is a great option, and the free offerings from Google and Apple work nicely as well. There are many options out there, do what you can stick with!

2. Turn On Two Factor Authentication Everywhere You Can

Two factor authentication is not just an extra step. It is a second lock on your digital front door. Even if someone steals your password, two factor authentication can stop them cold. That second step could be a code sent to your phone, an app notification, or a physical security key.

Start with email, banking, social media, and anything tied to your money or identity. Skip SMS codes when possible and use an authenticator app instead. Text messages can be intercepted.

Apps are much harder to break into. But either one is absolutely better than not having any 2FA at all.

This one change blocks a huge percentage of real world account takeovers, and could save you a lot of hassle this year.

3. Slow Down Before You Click Anything

Scammers rely on urgency. “Your account will be locked.” “Suspicious activity detected.” “Last chance to claim your refund.”

If a message makes you panic, that is your cue to pause. Don’t panic!

Do not click links in emails or texts that claim to be from your bank, a delivery service, or a government agency. Go directly to the official website or app instead. If there really is a problem, it will be waiting for you there. Or call them directly via a number obtained thru means other than the suspect email e.g. go to their website and get their number.

This applies to QR codes too. Scammers love slipping fake QR codes onto parking meters, menus, and flyers. If you do not know who put it there, do not scan it.

4. Keep Your Devices Updated (Even When It Is Annoying)

Those update notifications are not just about new features. They fix security holes that attackers already know about.

Delaying updates leaves your phone, laptop, and apps vulnerable to known exploits. That means attackers do not have to work very hard.

Set your devices to update automatically whenever possible. If you only do one tech chore this year, make it this one. It quietly protects you in the background without any extra effort.

You do not need to become paranoid or unplug from the internet to stay safe. You just need a few smart habits that make you a harder target than the next person.

In cybersecurity, attackers usually go for the easiest option. Make 2026 the year that option is not you!

Editor’s note: Rebecca Rutherford works in information technology at Los Alamos National Laboratory.