Last updated 3 Nov 2023

Your Security

Our computers, phones, tablets, the Internet – even bank cards – give us convenience and immediate access to information and services like never before, but they also constitute an opportunity for criminals to exploit. This short article is not going to scare you into never using them but guide you in a few easy steps you can take to do so safely. I will keep it as low-tech as possible! Like my reassuringly user-friendly password manager (a.k.a. a notebook).

This page gives you the birds’ eye view. There are links to more detailed information and steps.


Criminals also like low-tech solutions, all the more so now that technical measures like Antivirus are so effective. It is easier to get someone to tell them a password than to hack their computer. And the scams people use are getting more sophisticated and convincing.

Scams can come in the form of phone calls, text messages, emails and online. Just remember: if you didn’t start a conversation, you cannot tell if it’s genuine, whether it is a phone call, email, pop-up message on your computer or on your mobile. Just ring off and contact the organisation concerned using a known phone number. Never click a link in a text or email (if you need to, go to their website using a known address). And if in doubt, ask someone you trust.

Banks and the Police will never ask you to transfer money to another account, nor ask you for passwords, PINs or one-time codes ‘for verification’. Don’t give anyone a code that comes through to your phone or email. It is always a scam, no matter how plausible the reason.

See also:


I wrote at length about passwords here, but the quick takeaways are:

  • If you can remember a password, it is probably too short and simple
  • Humans are not good at making up truly random passwords
  • Do not rely on passwords alone, but also use two-factor authentication (2FA) whenever it is offered. More here (Coming soon)
See How to record your passwords

Computer security

How to make sure your Windows PC or laptop, and the data on it, stays yours.

  • Log into your computer with a secure password. In Windows, you can set a PIN as well for greater convenience while still saying safe from remote hackers.
  • Keep Windows and your software up-to-date. Check it every month.
  • Make sure your antivirus is up to date. If your subscription to a third-party antivirus has expired, uninstall it. Microsoft Defender will take over automatically and provide you with good protection.
  • Consider whether to use Window’s built-in antivirus or a third-party offering. Microsoft Defender is now reliable enough to recommend, and it is kept up to date automatically without fuss. If you want more bells and whistles, there are good free ones like Avast but they tend to nag you to upgrade to the paid-for version. I recommend F-Secure Safe Internet Security (under £20 for 3 devices 1 year). [Price correct as of 3 Nov 2023]
  • Install and use a Password Manager, such as Bitwarden (free). Use it to generate long, random passwords and store them securely – and add additional PINs, ‘memorable words’ etc.
  • Install an authenticator application like Authy if you have a smartphone, and use for two-factor authentication (2FA). Set up every account to verify your log-ins with text messages if not.
  • Record contact numbers, telephone banking passwords etc. and keep a printed copy to hand but in a hidden place. (See below)
  • Keep your information up to date with all your service providers (e.g. changed email addresses, mobile phone numbers) so you can regain control of an account if you get locked out.

How to record your information

There’s nothing worse than a pile of passwords written on the backs of envelopes and bits of old paper. They get lost, it can be hard to tell which password is for which account, and when there are alternatives, you never know which the latest one is.

And then there’s the handwriting. Just about every letter – and every number – can be confused with something else.

The detail of what to record deserves a page to itself, and I present a template for you to print out or fill in on your computer so nothing important gets overlooked. There is even a page to help you avoid ambiguous-looking characters.

Why does it matter? You might be ill and need a friend or relative to log into your email, for example. And what about when you get a new computer and have to set everything up again? I have had customers lose access to their email because they couldn’t find the current password. We tried the ‘forgotten password’ procedure, but both the mobile number and email address the provider knew about had long since changed, so a reset code couldn’t be sent to them anymore.

It can cost you money. Let’s say you bought Microsoft Office and registered your entitlement in an Microsoft account you can no longer log in to. You would have to buy another licence. (You could also find yourself unable to access backups in OneDrive, too.) The same applies to antivirus, photo editors... any program that checks eligibility against your account details.

Hint: Keep a list of organisations you need to inform when an email address or phone number changes, so nothing gets forgotten. It isn’t just the gas and electric who need to know!

Look here for more information and a template for your records.

© Andrew Rowland 2022