Why This Year’s Resolutions Are Different
The turn of the year often brings a flurry of ambitious goals: exercise more, eat healthier, learn a new skill. While these are all worthy pursuits, my professional life has trained me to look at fresh starts through a different lens: a security lens. That’s why, as a security editor, my list of **security New Year’s resolutions** is the most important one I’ll make. It’s not about transforming my physical life, but fortifying my digital one, which, in today’s world, is just as critical.
For most people, cybersecurity is an intimidating, abstract concept filled with jargon. They know it’s important, but taking action feels overwhelming. Where do you even begin? That’s precisely why I’m sharing my personal goals. These aren’t complex coding challenges or enterprise-level defense strategies. They are three fundamental, achievable resolutions that will have an outsized impact on protecting my data, my identity, and my peace of mind in the year ahead. Think of this as your expert-guided plan to a safer digital life.
Resolution 1: Fully Commit to a Password Manager—No Exceptions
If there is one single piece of advice I could give anyone, it would be this: use a password manager. It is the bedrock of good digital hygiene. And yet, even as a security professional, I’ll admit there are times I’ve gotten lazy, creating a “temporary” simple password for a low-stakes account, promising myself I’ll change it later. This year, that stops. My first resolution is to achieve 100% compliance in my own digital life, using my password manager for everything, without a single exception.
The Psychology of Password Failure
The human brain is simply not designed to create and remember dozens of unique, complex passwords. We are wired for patterns and shortcuts. This leads to the cardinal sins of password security:
– Reusing the same password across multiple sites.
– Creating simple, memorable passwords based on personal information (birthdays, pet names).
– Using slight variations of the same core password (e.g., “Hunter1,” “Hunter2!”).
A single data breach at one minor online service can expose a password you’ve reused on your email or banking account. This is how most account takeovers happen. A password manager solves this problem by outsourcing the work of creating and remembering to a secure, encrypted application.
Making the Password Manager an Unbreakable Habit
Committing to a password manager is more than just installing an app. It’s about fundamentally changing your behavior. Here’s how I’m reinforcing this resolution.
1. The Initial Audit and Cleanup
The first step is a full-scale audit. I’m using my password manager’s built-in security dashboard (most top-tier services like 1Password, Bitwarden, and Dashlane have this feature) to identify all my weak and reused passwords. My plan is to dedicate 30 minutes each Sunday this month to tackling this list, starting with my most critical accounts:
– Primary Email
– Banking and Financial Services
– Government Portals
– Core Social Media Accounts
For each one, I’m using the manager’s built-in generator to create a long, random, and completely unique password. Something like `wJ8#pZ&k!v6@qL*nB$s2` is impossible to guess but effortless to use when the manager auto-fills it for you.
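To show what such an audit looks for, here is an added example (not part of the original article and not any password manager's own code) that flags exact reuse and "slight variation" passwords in a CSV export. The column names and the sample rows are assumptions constructed for the illustration.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample export. The column names are an assumption; real
# password manager exports differ, so adjust the field names to match yours.
SAMPLE_EXPORT = """name,username,password
Mail,me@example.com,Hunter1
Bank,me@example.com,Hunter2!
Forum,me,Hunter1
Shop,me@example.com,wJ8#pZ&k!v6@qL*nB$s2
Photos,me,hunter2024
"""

def core(password):
    """Lowercase and drop trailing digits/punctuation, so that Hunter1
    and Hunter2! both reduce to 'hunter'."""
    return re.sub(r"[\W\d_]+$", "", password.lower())

def audit(export_text):
    """Return (reused, variants).

    reused:   groups of entry names that share an identical password.
    variants: core -> entry names whose passwords share that core
              (exact reuse is included here too).
    """
    by_password = defaultdict(list)
    by_core = defaultdict(set)
    for row in csv.DictReader(io.StringIO(export_text)):
        by_password[row["password"]].append(row["name"])
        by_core[core(row["password"])].add(row["name"])
    reused = sorted(sorted(n) for n in by_password.values() if len(n) > 1)
    variants = {c: sorted(n) for c, n in by_core.items() if c and len(n) > 1}
    return reused, variants

if __name__ == "__main__":
    reused, variants = audit(SAMPLE_EXPORT)
    # Report entry names only; never print the passwords themselves.
    for group in reused:
        print("Same password:", ", ".join(group))
    for names in variants.values():
        print("Variations of one core password:", ", ".join(names))
```

A CSV export is unencrypted, so delete it as soon as the audit is finished.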
2. Utilizing Advanced Features
Modern password managers are more than just digital vaults. To fully embrace this resolution, I’m making a point to use their more advanced capabilities. This includes:
– Storing security questions and answers.
– Saving credit card information for secure online checkouts.
– Using the secure notes feature for sensitive information like Wi-Fi passwords or software license keys.
– Enabling two-factor authentication (2FA) within the password manager itself, creating a single source of truth for account access.
By integrating the tool into every aspect of my digital life, it becomes an indispensable utility rather than an occasional convenience. This is one of the most important **security New Year’s resolutions** you can adopt.
Resolution 2: Conduct a Deep Digital Footprint Audit
Our digital lives are long and messy. We’ve signed up for countless services, apps, and newsletters over the years, leaving behind a trail of personal data. My second resolution is to conduct a thorough audit of this “digital footprint” to find and eliminate old, forgotten accounts that represent a hidden security risk. Every unused account is a potential vector for a data breach that could expose information I’d long forgotten I ever shared.
Understanding Your Digital Shadow
Your digital footprint is the sum of all the data you’ve left online. This includes social media profiles, forum posts, online shopping accounts, and subscriptions to services you haven’t used in a decade. Hackers often target these forgotten databases because they tend to have weaker security, and they contain a treasure trove of personal information—names, email addresses, dates of birth, and old passwords that you might have reused elsewhere.
Cleaning this up isn’t just tidy; it’s a critical defensive measure. It reduces your “attack surface,” leaving malicious actors with fewer potential entry points to exploit.
A Practical Guide to Auditing Your Footprint
This resolution requires some digital detective work. Here is the exact process I’m following.
1. Start with Your Email Inbox
Your email is an archive of your online life. I’m searching my old inboxes for terms like “welcome,” “new account,” “confirm your email,” and “unsubscribe.” This simple technique unearths dozens of services I signed up for and forgot about. For each one I find, I’m asking a simple question: Do I still need this? If the answer is no, I’m navigating to the site and finding the option to permanently delete my account.
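The same search can be run over a mailbox export instead of by hand. This added example (not from the original article) scans messages for the terms above and groups the hits by sender domain, giving a list of services to review; the sample messages are constructed and the mbox path in the comment is a placeholder.

```python
import email
import re
from collections import defaultdict
from email.utils import parseaddr

# Search terms taken from the step above.
TERMS = re.compile(r"welcome|new account|confirm your email|unsubscribe", re.I)

# Constructed sample messages; every sender and subject here is made up.
SAMPLE = [email.message_from_string(raw) for raw in (
    "From: Photo Site <no-reply@photos.example>\n"
    "Subject: Welcome to Photo Site\n\nThanks for joining.",
    "From: Deals <news@shop.example>\n"
    "Subject: Weekend sale\n\nTo stop these emails, click Unsubscribe.",
    "From: Alex <alex@friends.example>\n"
    "Subject: Lunch on Friday?\n\nSee you there.",
    "From: forum@board.example\n"
    "Subject: Confirm your email address\n\nYour new account is almost ready.",
)]

def text_of(msg):
    """Subject plus any text/plain body parts, joined into one string."""
    parts = [str(msg.get("Subject", ""))]
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            parts.append(payload.decode("utf-8", "replace"))
    return "\n".join(parts)

def find_signups(messages):
    """Map each sender domain to the sorted search terms its mail matched."""
    hits = defaultdict(set)
    for msg in messages:
        found = {m.lower() for m in TERMS.findall(text_of(msg))}
        if found:
            address = parseaddr(msg.get("From", ""))[1]
            hits[address.rpartition("@")[2].lower()] |= found
    return {domain: sorted(terms) for domain, terms in sorted(hits.items())}

if __name__ == "__main__":
    # For a real mailbox export, pass mailbox.mbox("export.mbox") instead
    # of SAMPLE ("export.mbox" is a placeholder path).
    for domain, terms in find_signups(SAMPLE).items():
        print(f"{domain}: {', '.join(terms)}")
```

Personal mail from friends.example produces no hit, so the output contains only domains that sent sign-up or newsletter mail.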
2. Check for Known Breaches
Next, I’m systematically checking my current and past email addresses on the highly respected website Have I Been Pwned. This free service, run by security expert Troy Hunt, aggregates data from hundreds of breaches and tells you if your email address was compromised.
This step provides a targeted hit list. If an account from a breached service is one I no longer use, deleting it becomes my top priority. If I still need the account, I immediately change the password and enable 2FA.
3. The Great Purge of Unused Apps
This extends to my smartphone. I’m going through every single app on my phone and uninstalling anything I haven’t used in the last three months. Before deleting, I’m checking if the app has a cloud-based account associated with it and deleting that account first. Simply removing the app from your phone does not delete your data from the company’s servers.
Resolution 3: Fortify My Home Network Security
We spend so much time securing our laptops and phones, but we often forget about the very gateway through which all our data flows: the home Wi-Fi router. A poorly secured router can be compromised, allowing an attacker to monitor traffic, redirect you to malicious websites, or infect other devices on your network. My third and final major security resolution is to perform a full security overhaul of my home network.
Your Router: The Unsung Hero of Digital Defense
Think of your router as the digital front door to your home. You wouldn’t leave it unlocked with the key in the knob, yet millions of people use their routers with the default, easily guessable administrator passwords printed on the sticker. Securing this single device elevates the security of every single product connected to it, from your smart TV to your personal computer.
My Router Security Checklist
This is a technical but surprisingly straightforward resolution. Most of these settings can be accessed by typing your router’s IP address (often `192.168.1.1` or `192.168.0.1`) into a web browser.
– **Change the Administrator Password:** This is non-negotiable. The default admin username and password for your router model are publicly available online. I’m changing mine to a long, unique password stored—you guessed it—in my password manager.
– **Update the Firmware:** Router firmware, like any software, has vulnerabilities that get discovered over time. I am checking my manufacturer’s website for the latest firmware version and installing it. Many modern routers can now do this automatically, and I’m making sure that feature is enabled.
– **Enable WPA3 Encryption:** WPA3 is the latest, most secure standard for Wi-Fi encryption. My router supports it, so I’m making sure it’s enabled. If your router is older and only supports WPA2, make sure it is set to use AES encryption, not the older and less secure TKIP protocol.
– **Set Up a Guest Network:** I’m creating a separate network exclusively for visitors. This is a crucial step. A guest network provides internet access but isolates visitors’ devices from my main network, where my sensitive devices like my work laptop and network-attached storage reside. This prevents a guest’s potentially malware-infected device from spreading to my critical systems.
How to Make Your Own Security New Year’s Resolutions Stick
Setting goals is easy; following through is the hard part. The key to success with these **security New Year’s resolutions** is to approach them systematically rather than trying to do everything at once. True security is a process, not a one-time fix.
Schedule Your Security
Just as you would schedule a gym session, block out time on your calendar for these tasks. I’ve set aside one hour every other week as a “Security Power Hour.” During this time, I’ll work on one specific goal, whether it’s cleaning up 10 old accounts, auditing my social media privacy settings, or checking for firmware updates. Breaking these resolutions down into manageable chunks prevents overwhelm and fosters a sustainable habit.
Focus on Progress, Not Perfection
You don’t have to achieve a perfect security posture overnight. The goal is to be significantly safer at the end of the year than you were at the beginning. Every old password you update and every unused account you delete is a tangible win. This incremental progress builds momentum and makes the entire process feel more rewarding.
These three resolutions—mastering a password manager, auditing your digital footprint, and hardening your home network—are not just items on a checklist. They represent a fundamental shift in how you approach your digital life, moving from a passive user to an active defender of your own data. This year, give yourself the gift of digital peace of mind. Choose one of these goals and start today. Your future self will thank you.


