New Year, More Secure: Simple tips from Yubico’s security team on improving your security posture

Each new year brings the opportunity to create resolutions and begin new, good habits. While some may focus on gym routines or getting more sleep, an important resolution everyone should focus on this year is improving your cybersecurity habits. With a steady increase in targeted, high profile cyber attacks this year it’s now more important than ever to ensure your personal information is secured.

To help demystify and make it easy for everyone to adopt healthy cybersecurity habits, this coming year, those of us on Yubico’s security team are giving an inside look into the below tips we use that you can adopt to keep your online accounts more secure. 

  1. Check all of your frequently used accounts to enable the strongest MFA available (enable security keys!)

The most important first step to protecting your online accounts is to enable multi-factor authentication (MFA) whenever possible, which adds an additional layer of protection against hackers. If you already have MFA enabled, it’s a good idea to routinely check your settings to ensure you’re using the strongest form available. 

While any form of MFA is better than relying on just a username and password, not all MFA is created equal. Phishing-resistant MFA, including device-bound passkeys like the YubiKey and syncable passkeys from cloud providers, give advanced protection for your online accounts from increasingly sophisticated cyber threats like phishing. Support for security keys are provided by many online services like email, social media, password manager, banking and more – check out all the places you can use your YubiKey here.

  1. Ensure you’re using a password manager

As mentioned above, if you’re not already using a password manager to store and manage your passwords, now is a great time to start! Password managers like 1Password also make logins easy and convenient by generating passwords and filling online forms.

Securing your password manager with a security key will provide an additional layer of security, effectively protecting your password vault and accounts from unauthorized access. If you’re already using a password manager, it’s great to be in the habit of regularly reviewing your account passwords and update them as needed – many password managers often make this easy by highlighting any weak or exposed passwords.

  1. Check your social media accounts

Social media platforms enable us to connect with others and can act as a source of income for content creators, but they can also make you vulnerable by sharing personal information with bad actors. It’s always a good idea to regularly review your accounts, and conduct an audit of the information you’re sharing through them. This includes both your past posts and security settings! We also recommend setting any personal accounts to private to limit the amount of easily accessible information.

Many social media platforms (such as Facebook, X, YouTube and Instagram) offer the option for MFA (including YubiKeys), so ensure you’re enabling it whenever possible to protect your accounts from hackers.

  1. Review your app permissions

You may be sharing more information through your apps than you’d like. We recommend regularly checking your app permissions to have visibility into what data you’re sharing with them. Similarly, review any browser extensions you might have, check your permissions, and uninstall any that you don’t use.

See how your cybersecurity habits stack up to these tips in our new cyber hygiene checklist here. And if you have recently purchased a YubiKey, we’ve created YubiKey resource guides to help you get started with your most loved (and used!) applications and services.

To learn more about how you can stay safe shopping online this holiday season, through the new year and beyond, read our blog here. Planning to travel during the holidays? Check out tips to stay secure while traveling here.

Talk to our teamTalk to our team

Share this article:


  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey
  • Making digital security a right: Inside Yubico’s Secure it Forward programTechnology can be a great equalizer — but only if the strongest protection is within reach. Since 2022, Yubico has donated more than 65,000 YubiKeys to hundreds of organizations worldwide — a retail value of over $3.3 million. Each key helps strengthen digital protection for those doing vital work in their communities. This isn’t just […]Read more
  • Unlocking trust in enterprise security: Yubico and Okta empowering businesses togetherCollaboration with ecosystem partners is critical for providing our customers with the best cybersecurity solutions. Together, Yubico and Okta have achieved remarkable milestones over the years, including launching innovative solutions and aligning our go-to-market efforts – all aimed at delivering the most impactful cybersecurity solutions and user experience for our customers and partners. At the heart […]Read moreOktaOktane