New Year, More Secure: Simple tips from Yubico’s security team on improving your security posture

Each new year brings the opportunity to create resolutions and begin new, good habits. While some may focus on gym routines or getting more sleep, an important resolution everyone should focus on this year is improving your cybersecurity habits. With a steady increase in targeted, high profile cyber attacks this year it’s now more important than ever to ensure your personal information is secured.

To help demystify and make it easy for everyone to adopt healthy cybersecurity habits, this coming year, those of us on Yubico’s security team are giving an inside look into the below tips we use that you can adopt to keep your online accounts more secure. 

  1. Check all of your frequently used accounts to enable the strongest MFA available (enable security keys!)

The most important first step to protecting your online accounts is to enable multi-factor authentication (MFA) whenever possible, which adds an additional layer of protection against hackers. If you already have MFA enabled, it’s a good idea to routinely check your settings to ensure you’re using the strongest form available. 

While any form of MFA is better than relying on just a username and password, not all MFA is created equal. Phishing-resistant MFA, including device-bound passkeys like the YubiKey and syncable passkeys from cloud providers, give advanced protection for your online accounts from increasingly sophisticated cyber threats like phishing. Support for security keys are provided by many online services like email, social media, password manager, banking and more – check out all the places you can use your YubiKey here.

  1. Ensure you’re using a password manager

As mentioned above, if you’re not already using a password manager to store and manage your passwords, now is a great time to start! Password managers like 1Password also make logins easy and convenient by generating passwords and filling online forms.

Securing your password manager with a security key will provide an additional layer of security, effectively protecting your password vault and accounts from unauthorized access. If you’re already using a password manager, it’s great to be in the habit of regularly reviewing your account passwords and update them as needed – many password managers often make this easy by highlighting any weak or exposed passwords.

  1. Check your social media accounts

Social media platforms enable us to connect with others and can act as a source of income for content creators, but they can also make you vulnerable by sharing personal information with bad actors. It’s always a good idea to regularly review your accounts, and conduct an audit of the information you’re sharing through them. This includes both your past posts and security settings! We also recommend setting any personal accounts to private to limit the amount of easily accessible information.

Many social media platforms (such as Facebook, X, YouTube and Instagram) offer the option for MFA (including YubiKeys), so ensure you’re enabling it whenever possible to protect your accounts from hackers.

  1. Review your app permissions

You may be sharing more information through your apps than you’d like. We recommend regularly checking your app permissions to have visibility into what data you’re sharing with them. Similarly, review any browser extensions you might have, check your permissions, and uninstall any that you don’t use.

See how your cybersecurity habits stack up to these tips in our new cyber hygiene checklist here. And if you have recently purchased a YubiKey, we’ve created YubiKey resource guides to help you get started with your most loved (and used!) applications and services.

To learn more about how you can stay safe shopping online this holiday season, through the new year and beyond, read our blog here. Planning to travel during the holidays? Check out tips to stay secure while traveling here.

Talk to our teamTalk to our team

Share this article:


  • Goodbye master passwords: Dashlane and Yubico enhance credential vault encryption and login with YubiKeysAt Authenticate 2025 this week, the world’s leading experts on modern authentication and securing digital identities gathered, to discuss the future of secure authentication and achieving usable security across the account lifecycle. The message was clear: the future of phishing-resistant authentication is using passkeys for encryption, and the gold standard is device-bound passkeys – YubiKeys. […]Read morecredential vault encryptioncredential vault loginDashlanepartnerpasskey encryptionPRF
  • Piloting Europe’s future ID: Passkeys securing digital walletsOver the last several years, passkeys have become ubiquitous. They are available on every mobile platform, in every leading browser, as part of all major enterprise IAM solutions, and in most major cloud services. Until wwWallet came along, the only place where passkeys hadn’t yet made an impact is in the rapidly developing world of […]Read moredigital identity walletspasskeysSIROSwwWallet
  • We’re excited for what’s to come – meet us in-person to find out whyIt’s been a busy year for our team, filled with exciting company and product updates aimed at better serving our customers and helping them achieve cyber resilience as AI-driven phishing threats continue evolving globally. Between industry award recognitions and key new executive leadership hires to lead Yubico to its next stage of growth and a […]Read more
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST