What cybersecurity basics should non-tech users focus on first?

[Frank23]

I work with a lot of people who aren't technical at all, and they're overwhelmed by cybersecurity advice. For cybersecurity for non-tech users, what are the absolute basics they should focus on first? I'm talking about maybe 3-5 things that will give them the most protection for the least effort. What cybersecurity for non-tech users advice would you give that's simple, actionable, and doesn't require understanding how the technology works?

[Luke_R]

For cybersecurity for non-tech users, I recommend these three basics: 1) Use a password manager (it's easier than remembering passwords), 2) Enable two-factor authentication on important accounts, and 3) Learn to recognize phishing attempts (if it creates urgency or asks for personal info, be suspicious). These cybersecurity for non-tech users fundamentals provide maximum protection with minimum technical knowledge.

[Paul.S]

As someone who fits the cybersecurity for non-tech users category perfectly, I'd add: keep software updated (those update notifications are important!), use antivirus software (Windows/Mac have built-in options that work well), and be careful what you download. These cybersecurity for non-tech users tips are simple but effective.