Here are some interesting differences between experts and non-experts on how they stay safe online:

Experts believe that you should:

  • Update your system with automatic updates
  • Use two-factor authentication where available
  • Use a password manager

Non-experts don't do any of those!

Instead, non-experts believe you should:

  • Use anti-virus
  • Change your password
  • Visit only known websites


Or, another way to look at it, contrasting the differences:



On the pro side, automatic updates are critical! Turn them on and let them run. Keep your computer on so the updates can install. Many non-experts I know think that by shutting off or sleeping their computer when they're not using it, they are safe. NOT SO. This prevents the automatic updates, which typically run during the middle of the night!

Non-experts don't usually even know what two-factor authentication is in the first place. Basically, in addition to your username and password, you need a unique number generated every minute, assigned to only you, to log in. You can do this through an app on your smartphone or tablet, or even a web browser like Google Chrome. So even if your password is stolen, hackers can't log in because they don't have the random number generated by your app.

Lastly, I am constantly recommending or other good password managers. But most average users don't use them. Either because they don't know about them, or they think they are too much trouble. But with a good password manager, you will never lose your passwords, they can't be hacked from your computer, and you generate a unique password for every site you use. So even if one service is hacked, that is only ONE password, not the ONE password you used EVERYWHERE. Not good!


On the con side, typical users trust anti-virus to keep them safe. I personally don't even use anti-virus. It is reactive: it sometimes takes days to get the latest virus updates, and during that time YOU ARE COMPLETELY VULNERABLE TO ATTACK. Anti-virus is a failed strategy in today's environment of the entire earth being connected instantly via the Internet. If you use Windows, yes, you should use it, but it is still a poor band-aid - not very much protection there.

The last two don't even deserve attention, but I'll mention them. Changing your password doesn't make you more secure. Most people will think they are choosing a "strong" password...when it is not strong, but actually a well-known pattern already seen by hackers. This is why generating a truly random password that is strong can only be done via a password manager!

Visiting sites you know - that doesn't work either. All major sites use third-party advertisers. It is quite common for third-party ads to have viruses and malware. So this is a failed strategy.


Here are the sources for this information for further reading:


New research: Comparing how security experts and non-experts stay safe online


Paper: “...no one can hack my mind”: Comparing Expert and Non-Expert Security Practices - PDF format
